mirror of
https://github.com/debauchee/barrier.git
synced 2026-05-12 03:16:07 +08:00
e33c81b835
This commit is the 1/3 part of the fix for the following security vulnerability: - CVE-2021-42076 DoS via excess length messages The issue has been reported by Matthias Gerstner <mgerstner@suse.de>.
7 lines
248 B
Plaintext
7 lines
248 B
Plaintext
SECURITY ISSUE
|
|
|
|
Barrier will now enforce a maximum length of input messages (fixes CVE-2021-42076).
|
|
|
|
Previously it was possible for a malicious client or server to send excessive length messages
|
|
leading to denial of service by resource exhaustion.
|