Debian Patches

Status for pistache/0.0.5+ds-3

Patch Description Author Forwarded Bugs Origin Last update
fix-tls-listener-dos.patch fix DoS vulnerability in the SSL listener SSL_accept() would hang indefinitely with clients that say nothing
during TLS handshake as described in
<https://github.com/pistacheio/pistache/issues/1104>.
.
This patch sets a fixed handshake timeout to 10 seconds in order to
avoid changing public interfaces.
.
It also cherry-picks upstream commit
ef30dcc75881544f37d7c3dcb2e3f6d897721d53 which tests if the behaviour
of the TLS listener is actually fixed.
Andrea Pappacoda <andrea@pappacoda.it> yes upstream backport, commit:101ee7cc96c7b10b12156388c41fe3bed6f878fa 2023-03-08

All known versions for source package 'pistache'

Links