Loading...

XML

Word

Printable

Blocked:
False
Blocked Reason:
None
Ready:
False
Release Note Text:

Hide
Before this update an attacker could cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache was capped, an attacker sending very large keys could cause the server to allocate approximately 64 MiB per open connection.

Show
Before this update an attacker could cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache was capped, an attacker sending very large keys could cause the server to allocate approximately 64 MiB per open connection.
Release Note Type:
CVE - Common Vulnerabilities and Exposures
Git Pull Request:
https://github.com/redhat-developer/service-binding-operator/pull/1314, https://github.com/redhat-developer/service-binding-operator/pull/1316

Identified by:

Documentation Requirement: Yes/No (needs-docs|upstream-docs / no-doc)

Upstream: <Inputs/Requirement details>/ Not Applicable

Downstream: <Type: Doc defect/More inputs to doc>/ Not Applicable

Provide link to the relevant section
Provide doc inputs and details required

Release Notes Type: <New Feature/Enhancement/Known Issue/Bug
fix/Breaking change/Deprecated Functionality/Technology Preview>

links to