Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
server:monitoring
libhtp
libhtp.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File libhtp.changes of Package libhtp
------------------------------------------------------------------- Thu Oct 3 12:37:06 UTC 2024 - Martin Hauke <mardnh@gmx.de> - Update to version 0.5.49 * headers: put a configurable limit on their numbers. * htp/table: only fetch element when needed. * fuzz: limits the number of transactions. * fuzz: improve debug output. * fuzz: flush to get full assertion text. * request: trim headers values also when there is no name. ------------------------------------------------------------------- Sat Jun 1 20:30:02 UTC 2024 - Andreas Stieger <andreas.stieger@gmx.de> - run tests, spec file tweaks ------------------------------------------------------------------- Thu Apr 25 20:11:06 UTC 2024 - Martin Hauke <mardnh@gmx.de> - Update to version 0.5.48 * decompressor: only take erroneous data on first try * autotools: run autoupdate to modernize build system - Update to version 0.5.47 * CVE-2024-28871 request: limit probing after missing protocol (boo#1222512) ------------------------------------------------------------------- Mon Feb 19 07:31:20 UTC 2024 - Otto Hollmann <otto.hollmann@suse.com> - Update to version 0.5.46 * tx: configurable number of maximum transactions * htp: offers possibility to remove transactions * headers: limit the size of folded headers * request: be more liberal about transfer-encoding value * request: continue processing even with invalid headers * http0.9: process headers if there are non-space characters * htp_util: fix spelling issue * src: fix -Wshorten-64-to-32 warnings * uri: normalization removes trailing spaces * CVE-2024-23837: excessive processing time of HTTP headers can lead to a denial of service (boo#1220403) ------------------------------------------------------------------- Thu Jul 27 08:56:06 UTC 2023 - Otto Hollmann <otto.hollmann@suse.com> - Update to version 0.5.45 * log: resist allocation failure * support HTTP Bearer authentication ------------------------------------------------------------------- Tue Jun 20 07:19:24 UTC 2023 - Otto Hollmann <otto.hollmann@suse.com> - Update to version 0.5.44 * response: only trim spaces at headers names end * response: skips lines before response line * headers: log a warning for chunks extension ------------------------------------------------------------------- Fri Apr 21 12:33:55 UTC 2023 - Otto Hollmann <otto.hollmann@suse.com> - Update to version 0.5.43 * htp: do not log content-encoding: none * htp: do not error on multiple 100 Continue * readme: remove note on libhtp not being stable * uri: fix compile warning strict-prototypes * bstr: fix compile warning strict-prototypes * fuzz_diff: Free the rust test object. * github: add CIFuzz workflow ------------------------------------------------------------------- Tue Nov 29 18:49:29 UTC 2022 - Michael Ströder <michael@stroeder.com> - Update to version 0.5.42 * github: add initial workflow * htp: fixes warning about bad delimiter in URI * fuzz: fix a null dereference in a diff report * htp: fixes warning about integer ------------------------------------------------------------------- Wed Sep 28 08:16:01 UTC 2022 - Michael Ströder <michael@stroeder.com> - Update to version 0.5.41 * trim white space of invalid folding for first header * clear buffered data for body data * minor optimization for decompression code ------------------------------------------------------------------- Mon Jun 27 21:32:51 UTC 2022 - Otto Hollmann <otto.hollmann@suse.com> - Update to version 0.5.40 * uri: optionally allows spaces in uri * ints: integer handling improvements * headers: continue on nul byte * headers: consistent trailing space handling * list: fix integer overflow * util: remove unused htp_utf8_decode * fix 100-continue with CL 0 * lzma: don't do unnecessary realloc ------------------------------------------------------------------- Thu Nov 18 20:57:18 UTC 2021 - Martin Hauke <mardnh@gmx.de> - Update to version 0.5.39 * host: ipv6 address is a valid host * util: one char is not always empty line * test and fuzz improvements ------------------------------------------------------------------- Sun Jul 4 11:53:54 UTC 2021 - Martin Hauke <mardnh@gmx.de> - Update to version 0.5.38 * consume empty lines when parsing chunks to avoid quadratic complexity. ------------------------------------------------------------------- Wed Mar 3 20:52:34 UTC 2021 - Martin Hauke <mardnh@gmx.de> - Update to version 0.5.37 * support request body decompression * several accuracy fixes * fuzz improvments ------------------------------------------------------------------- Fri Dec 4 17:09:01 UTC 2020 - Martin Hauke <mardnh@gmx.de> - Update to version 0.5.36 * fix a http pipelining issue ------------------------------------------------------------------- Fri Oct 9 18:36:44 UTC 2020 - Martin Hauke <mardnh@gmx.de> - Update to version 0.5.35 * fix memory leak in tunnel traffoc * fix case where chunked data causes excessive CPU use ------------------------------------------------------------------- Sun Sep 13 13:03:31 UTC 2020 - Martin Hauke <mardnh@gmx.de> - Update to version 0.5.34 * support data GAP handling * support 100-continue Expect * lzma: give more control over settings ------------------------------------------------------------------- Wed Apr 29 18:33:00 UTC 2020 - Martin Hauke <mardnh@gmx.de> - Update to version 0.5.33 * compression bomb protection * memory handling issue found by Oss-Fuzz * improve handling of anomalies in traffic ------------------------------------------------------------------- Sun Dec 15 10:23:41 UTC 2019 - Martin Hauke <mardnh@gmx.de> - Update to version 0.5.32 * bug fixes around pipelining ------------------------------------------------------------------- Tue Sep 24 18:14:16 UTC 2019 - Martin Hauke <mardnh@gmx.de> - Udpate to version 0.5.31 * various improvements related to 'HTTP Evader' * various fixes for issues found by oss-fuzz * adds optional LZMA decompression ------------------------------------------------------------------- Tue Mar 26 14:34:52 UTC 2019 - Martin Hauke <mardnh@gmx.de> - Correct License ------------------------------------------------------------------- Thu Mar 7 14:26:31 UTC 2019 - Martin Hauke <mardnh@gmx.de> - Update to version 0.5.30 * array/list handing optimization * fuzz targets improvements - Update to version 0.5.29 * prepare for oss-fuzz integration * fix undefined behavior signed int overflow * make status code parsing more robust ------------------------------------------------------------------- Sun Dec 16 19:58:57 UTC 2018 - mardnh@gmx.de - Update to version 0.5.28 * Fix potential memory leaks * Fix string truncation compile warning ------------------------------------------------------------------- Wed Jul 18 14:46:54 UTC 2018 - mardnh@gmx.de - Update to version 0.5.27 * Folded header field can be parsed as separate if there are no data available to peek into [#159] * libhtp crash at deal multiple decompression [#158] * Fix configure flag handling * Fix auth/digist header parsing out of bounds read ------------------------------------------------------------------- Sun Jun 3 20:25:48 UTC 2018 - mardnh@gmx.de - Specfile cleanup - Update to version 0.5.26 * allow missing requests [#128, #163] * fix memory leak when response line is body [#161] * fix build on MinGW [#162] * fix gcc7 compiler warnings [#157] - Update to version 0.5.25 * underscore in htp_validate_hostname [#149] * fix SONAME issue [#151] * remove unrelated docbook code from tree [#153] - Update to version 0.5.24 * fix HTTP connect handling issue [#150] ------------------------------------------------------------------- Wed Mar 26 08:38:47 UTC 2014 - stoppe@gmx.de - Initial version 0.5.20
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor