Описание
S3 storage write is not aborted on errors leading to unbounded memory usage
Impact
Anyone using storage.blob.s3 introduced in 0.5.0 with storage.imapsql.
storage.imapsql local_mailboxes {
...
msg_store s3 {
...
}
}
Patches
The relevant commit is pushed to master and will be included in the 0.5.1 release.
No special handling of the issue has been done due to the small amount of affected users.
Workarounds
None.
References
Пакеты
Наименование
github.com/foxcpp/maddy
go
Затронутые версииВерсия исправления
< 0.5.1
0.5.1
7.5 High
CVSS3
Дефекты
CWE-772
7.5 High
CVSS3
Дефекты
CWE-772