Описание
Security update for libhtp
This update for libhtp fixes the following issues:
- CVE-2024-23837: excessive processing time of HTTP headers can lead to denial of service (boo#1220403)
Список пакетов
SUSE Package Hub 15 SP5
libhtp-devel-0.5.42-bp156.3.3.1
libhtp2-0.5.42-bp156.3.3.1
SUSE Package Hub 15 SP6
libhtp-devel-0.5.42-bp156.3.3.1
libhtp2-0.5.42-bp156.3.3.1
openSUSE Leap 15.5
libhtp-devel-0.5.42-bp156.3.3.1
libhtp2-0.5.42-bp156.3.3.1
openSUSE Leap 15.6
libhtp-devel-0.5.42-bp156.3.3.1
libhtp2-0.5.42-bp156.3.3.1
Ссылки
- E-Mail link for openSUSE-SU-2024:0150-1
- SUSE Security Ratings
- SUSE Bug 1220403
- SUSE CVE CVE-2024-23837 page
Описание
LibHTP is a security-aware parser for the HTTP protocol. Crafted traffic can cause excessive processing time of HTTP headers, leading to denial of service. This issue is addressed in 0.5.46.
Затронутые продукты
SUSE Package Hub 15 SP5:libhtp-devel-0.5.42-bp156.3.3.1
SUSE Package Hub 15 SP5:libhtp2-0.5.42-bp156.3.3.1
SUSE Package Hub 15 SP6:libhtp-devel-0.5.42-bp156.3.3.1
SUSE Package Hub 15 SP6:libhtp2-0.5.42-bp156.3.3.1
Ссылки
- CVE-2024-23837
- SUSE Bug 1220403