mirror of
https://github.com/markqvist/Reticulum.git
synced 2026-04-27 14:20:35 +00:00
Prepare release
This commit is contained in:
Mark Qvist
parent
a21024a57e
commit
45e12cc668
1 changed files with 1 additions and 1 deletions
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
This maintenance release fixes a critical security issue, that would allow an attacker to craft a BZ2 decompression bomb via Resource transfers or Buffer StreamDataMessage, causing an out-of-memory condition and crashing the receiving process via OOM killer.
|
||||
|
||||
Big thanks to @defidude for discovering and reporting this vulnerability!
|
||||
Big thanks to @defidude (github.com/ratspeak) for discovering and reporting this vulnerability!
|
||||
|
||||
**Changes**
|
||||
- Fixed bz2 decompression bomb vulnerability in Resource transfer assembly and Buffer StreamDataMessage unpacking.
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue