This repository has been archived by the owner on Apr 22, 2023. It is now read-only.
[DoS security vulnerability. Original title redacted] #6214
Labels
Comments
|
@isaacs Will you fix this issue on node 0.8? |
|
Yes, this is being back ported to 0.10 and 0.8. |
|
Nice job!
|
This was referenced Oct 19, 2013
|
This bug's CVE no': CVE-2013-4450. |
isaacs
added a commit
to isaacs/node-v0.x-archive
that referenced
this issue
Dec 4, 2013
If a client sends a lot more pipelined requests than we can handle, then we need to provide backpressure so that the client knows to back off. Do this by pausing both the stream and the parser itself when the responses are not being read by the downstream client. Fix nodejsGH-6214
trentm
added a commit
to TritonDataCenter/sdcnode
that referenced
this issue
Aug 29, 2014
trentm
added a commit
to TritonDataCenter/sdcnode
that referenced
this issue
Aug 29, 2014
++v0.10.21-zone (multiarch) ++v0.10.21-zone ++v0.8.26-zone --v0.8.25-zone Also drop the pre-patches for nodejs/node-v0.x-archive#6214 in earlier 0.10 and 0.8 versions. If you need that fix, then upgrade to 0.10.21 or 0.8.26.
trentm
added a commit
to TritonDataCenter/sdcnode
that referenced
this issue
Aug 29, 2014
Actually add v0.8.26-zone here (and v0.8.25-zone stays too, it is needed). ++v0.8.26-zone
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Redacted. (Fixed, but github doesn't have private issues, so responsible disclosure was never really an option.)
The text was updated successfully, but these errors were encountered: