Debian Patches
Status for pistache/0.0.5+ds-3
| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| fix-tls-listener-dos.patch | fix DoS vulnerability in the SSL listener SSL_accept() would hang indefinitely with clients that say nothing during TLS handshake as described in <https://github.com/pistacheio/pistache/issues/1104>. . This patch sets a fixed handshake timeout to 10 seconds in order to avoid changing public interfaces. . It also cherry-picks upstream commit ef30dcc75881544f37d7c3dcb2e3f6d897721d53 which tests if the behaviour of the TLS listener is actually fixed. |
Andrea Pappacoda <andrea@pappacoda.it> | yes | upstream | backport, commit:101ee7cc96c7b10b12156388c41fe3bed6f878fa | 2023-03-08 |
All known versions for source package 'pistache'
- 0.4.26+ds-2 (experimental)
- 0.0.5+ds-5.1 (sid, trixie, forky)
- 0.0.5+ds-3 (bookworm)