[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[libmicrohttpd] 02/156: Updated ChangeLog and NEWS for v0.9.76
From: |
gnunet |
Subject: |
[libmicrohttpd] 02/156: Updated ChangeLog and NEWS for v0.9.76 |
Date: |
Sun, 28 May 2023 17:50:55 +0200 |
This is an automated email from the git hooks/post-receive script.
karlson2k pushed a commit to tag v0.9.77
in repository libmicrohttpd.
commit 32311bfe06b25edaaa9aa844f14c455bd5fbc108
Author: Evgeny Grin (Karlson2k) <k2k@narod.ru>
AuthorDate: Tue Feb 28 12:58:42 2023 +0300
Updated ChangeLog and NEWS for v0.9.76
---
ChangeLog | 2 +-
NEWS | 14 ++++++++++++++
2 files changed, 15 insertions(+), 1 deletion(-)
diff --git a/ChangeLog b/ChangeLog
index 877f0e33..ec2801b7 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,6 @@
Sun Feb 26 05:49:30 PM CET 2023
Fix potential DoS vector in MHD_PostProcessor discovered
- by Gynvael Coldwind and Dejan Alvadzijevic. -CG
+ by Gynvael Coldwind and Dejan Alvadzijevic (CVE-2023-27371). -CG
Releasing GNU libmicrohttpd 0.9.76 hotfix. -CG
Sun 26 Dec 2021 20:30:00 MSK
diff --git a/NEWS b/NEWS
index d59aa0b3..c7f49480 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,17 @@
+Sun 26 Feb 2023 17:49:30 CET
+Released GNU libmicrohttpd 0.9.76 hotfix. -CG
+
+ This is a hotfix release.
+ This only change since previous release is fixed potential DoS vector
+ in MHD_PostProcessor discovered by Gynvael Coldwind and Dejan
+ Alvadzijevic (CVE-2023-27371).
+ While the researchers have not been able to exploit this attack vector
+ when libmicrohttpd is compiled with the standard GNU C library, it is
+ recommended that you update MHD as soon as possible if your
+ applications are using (optional) MHD_PostProcessor functionality.
+
+ -- Evgeny Grin (Karlson2k)
+
Sun 26 Dec 2021 20:30:00 MSK
Released GNU libmicrohttpd 0.9.75 -EG
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
- [libmicrohttpd] tag v0.9.77 created (now 19fb1171), gnunet, 2023/05/28
- [libmicrohttpd] 03/156: bump MHD_VERSION to indicate development version, gnunet, 2023/05/28
- [libmicrohttpd] 04/156: configure: clarified license message, gnunet, 2023/05/28
- [libmicrohttpd] 02/156: Updated ChangeLog and NEWS for v0.9.76,
gnunet <=
- [libmicrohttpd] 01/156: Bump LIB_VERSION_REVISION missing in 0.9.76 release, gnunet, 2023/05/28
- [libmicrohttpd] 06/156: automake: use right automake options, gnunet, 2023/05/28
- [libmicrohttpd] 08/156: test_upgrade{,_large}: fixed use of uninitialized value, gnunet, 2023/05/28
- [libmicrohttpd] 07/156: Fixed compiler warning in examples, gnunet, 2023/05/28
- [libmicrohttpd] 12/156: MHD_get_version(): fixed signed value bit shift, gnunet, 2023/05/28
- [libmicrohttpd] 11/156: Disallowed MHD_SIZE_UNKNOWN for buffer-based responses, gnunet, 2023/05/28
- [libmicrohttpd] 09/156: fix capitalization of SHA-256 / MD5 as per RFC 7616 as reported on the mailinglist by Ahmet Kermen, gnunet, 2023/05/28
- [libmicrohttpd] 05/156: configure: fixed unwanted output on Fedora, gnunet, 2023/05/28
- [libmicrohttpd] 10/156: memorypool: fixed: unpoison memory for ASAN before destroying pool, gnunet, 2023/05/28
- [libmicrohttpd] 18/156: Response from callback: do allow negative return amounts, except predefined values, gnunet, 2023/05/28