Package Release Info

libhtp-0.5.42-bp155.2.3.1

Update Info: openSUSE-2024-150
Available in Package Hub : 15 SP5 Update

platforms

AArch64
ppc64le
s390x
x86-64

subpackages

libhtp-devel
libhtp2

Change Logs

* Sat Jun 01 2024 Andreas Stieger <andreas.stieger@gmx.de>
- CVE-2024-23837: excessive processing time of HTTP headers can
  lead to denial of service (boo#1220403)
  add CVE-2024-23837.patch
Version: 0.5.42-bp155.1.5
* Tue Nov 29 2022 Michael Ströder <michael@stroeder.com>
- Update to version 0.5.42
  * github: add initial workflow
  * htp: fixes warning about bad delimiter in URI
  * fuzz: fix a null dereference in a diff report
  * htp: fixes warning about integer
* Wed Sep 28 2022 Michael Ströder <michael@stroeder.com>
- Update to version 0.5.41
  * trim white space of invalid folding for first header
  * clear buffered data for body data
  * minor optimization for decompression code
* Mon Jun 27 2022 Otto Hollmann <otto.hollmann@suse.com>
- Update to version 0.5.40
  * uri: optionally allows spaces in uri
  * ints: integer handling improvements
  * headers: continue on nul byte
  * headers: consistent trailing space handling
  * list: fix integer overflow
  * util: remove unused htp_utf8_decode
  * fix 100-continue with CL 0
  * lzma: don't do unnecessary realloc
* Thu Nov 18 2021 Martin Hauke <mardnh@gmx.de>
- Update to version 0.5.39
  * host: ipv6 address is a valid host
  * util: one char is not always empty line
  * test and fuzz improvements
* Sun Jul 04 2021 Martin Hauke <mardnh@gmx.de>
- Update to version 0.5.38
  * consume empty lines when parsing chunks to avoid quadratic
    complexity.
* Wed Mar 03 2021 Martin Hauke <mardnh@gmx.de>
- Update to version 0.5.37
  * support request body decompression
  * several accuracy fixes
  * fuzz improvments
* Fri Dec 04 2020 Martin Hauke <mardnh@gmx.de>
- Update to version 0.5.36
  * fix a http pipelining issue
* Fri Oct 09 2020 Martin Hauke <mardnh@gmx.de>
- Update to version 0.5.35
  * fix memory leak in tunnel traffoc
  * fix case where chunked data causes excessive CPU use
* Sun Sep 13 2020 Martin Hauke <mardnh@gmx.de>
- Update to version 0.5.34
  * support data GAP handling
  * support 100-continue Expect
  * lzma: give more control over settings
Version: 0.5.33-bp152.1.1
* Wed Apr 29 2020 Martin Hauke <mardnh@gmx.de>
- Update to version 0.5.33
  * compression bomb protection
  * memory handling issue found by Oss-Fuzz
  * improve handling of anomalies in traffic
* Sun Dec 15 2019 Martin Hauke <mardnh@gmx.de>
- Update to version 0.5.32
  * bug fixes around pipelining
* Tue Sep 24 2019 Martin Hauke <mardnh@gmx.de>
- Udpate to version 0.5.31
  * various improvements related to 'HTTP Evader'
  * various fixes for issues found by oss-fuzz
  * adds optional LZMA decompression
* Tue Mar 26 2019 Martin Hauke <mardnh@gmx.de>
- Correct License
* Thu Mar 07 2019 Martin Hauke <mardnh@gmx.de>
- Update to version 0.5.30
  * array/list handing optimization
  * fuzz targets improvements
- Update to version 0.5.29
  * prepare for oss-fuzz integration
  * fix undefined behavior signed int overflow
  * make status code parsing more robust
* Sun Dec 16 2018 mardnh@gmx.de
- Update to version 0.5.28
  * Fix potential memory leaks
  * Fix string truncation compile warning
* Wed Jul 18 2018 mardnh@gmx.de
- Update to version 0.5.27
  * Folded header field can be parsed as separate if there are
    no data available to peek into [#159]
  * libhtp crash at deal multiple decompression [#158]
  * Fix configure flag handling
  * Fix auth/digist header parsing out of bounds read
* Sun Jun 03 2018 mardnh@gmx.de
- Specfile cleanup
- Update to version 0.5.26
  * allow missing requests [#128, #163]
  * fix memory leak when response line is body [#161]
  * fix build on MinGW [#162]
  * fix gcc7 compiler warnings [#157]
- Update to version 0.5.25
  * underscore in htp_validate_hostname [#149]
  * fix SONAME issue [#151]
  * remove unrelated docbook code from tree [#153]
- Update to version 0.5.24
  * fix HTTP connect handling issue [#150]
* Wed Mar 26 2014 stoppe@gmx.de
- Initial version 0.5.20