bug-serveez
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [bug-serveez] Serveez Information Leak Vulnerability

From: Austin James Gadient
Subject: Re: [bug-serveez] Serveez Information Leak Vulnerability
Date: Sun, 10 Nov 2019 01:07:27 +0000 
Hi Raimund,

Ah sorry about that and no problem!

I have attached a patch file that you should be able to apply from the 
serveez-0.2.2 directory.

Let me know if you have any issues and thank you for your time!

Best Regards,
Austin
________________________________________
From: Raimund 'Raimi' Jacob-Blödorn <address@hidden>
Sent: Saturday, November 9, 2019 10:58 AM
To: Austin James Gadient; address@hidden
Subject: Re: [bug-serveez] Serveez Information Leak Vulnerability

On 11/7/19 5:57 PM, Austin James Gadient wrote:

Hello Austin!

> Just following up. Have you had a chance to look at this?

Well, I cannot do much with your Mac OS compilation attempts.

I tried to diff your sources against the "next" branch of the serveez
git repository but could not identify any change of yours.

If I understand you correctly, it should be sufficient to make
http->contentlength an unsigned int (and/or have an arbitrary cap somwhere).

I am really sorry to have so little time to investigate. But if you send
mit a simple diff I'll do my best to apply it.

Greetings,

        Raimund

Attachment: http_contentlength.patch
Description: http_contentlength.patch

reply via email to
[Prev in Thread] Current Thread [Next in Thread]