Summary: | <app-admin/vault-1.14.8: denial of service via large HTTP requests | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | CONFIRMED --- | ||
Severity: | minor | CC: | zmedico |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://discuss.hashicorp.com/t/hcsec-2023-34-vault-vulnerable-to-denial-of-service-through-memory-exhaustion-when-handling-large-http-requests/60741 | ||
Whiteboard: | B3 [stable?] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 918420 | ||
Bug Blocks: |
Description
John Helmert III
![]() ![]() ![]() ![]() The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f1ee3a0737d807e5704a5f5455118bfe48af1f87 commit f1ee3a0737d807e5704a5f5455118bfe48af1f87 Author: Zac Medico <zmedico@gentoo.org> AuthorDate: 2023-12-18 04:45:10 +0000 Commit: Zac Medico <zmedico@gentoo.org> CommitDate: 2023-12-18 04:46:14 +0000 app-admin/vault: add 1.14.8 Bug: https://bugs.gentoo.org/920177 Signed-off-by: Zac Medico <zmedico@gentoo.org> app-admin/vault/Manifest | 2 + app-admin/vault/vault-1.14.8.ebuild | 86 +++++++++++++++++++++++++++++++++++++ 2 files changed, 88 insertions(+) |