Skip to content

Commit 27e2050

Browse files
ShogunPandaRafaelGSS
ShogunPanda
authored and
RafaelGSS
committed
http: disable request smuggling via empty headers
PR-URL: nodejs-private/node-private#427 Fixes: https://hackerone.com/reports/2001873 Refs: nodejs-private/llhttp-private#13 Reviewed-By: Matteo Collina <matteo.collina@gmail.com> CVE-ID: CVE-2023-30589
1 parent 0459bf9 commit 27e2050

File tree

4 files changed

+634
-477
lines changed

4 files changed

+634
-477
lines changed

deps/llhttp/CMakeLists.txt

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
cmake_minimum_required(VERSION 3.5.1)
22
cmake_policy(SET CMP0069 NEW)
33

4-
project(llhttp VERSION 8.1.0)
4+
project(llhttp VERSION 8.1.1)
55
include(GNUInstallDirs)
66

77
set(CMAKE_C_STANDARD 99)

deps/llhttp/include/llhttp.h

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@
33

44
#define LLHTTP_VERSION_MAJOR 8
55
#define LLHTTP_VERSION_MINOR 1
6-
#define LLHTTP_VERSION_PATCH 0
6+
#define LLHTTP_VERSION_PATCH 1
77

88
#ifndef LLHTTP_STRICT_MODE
99
# define LLHTTP_STRICT_MODE 0

0 commit comments

Comments
 (0)