Mailing Lists
|
|
cURL Mailing List Monthly Index Single Mail
curl-tracker Archives
[curl:bugs] #1251 Form boundary string should be truly random
From: Daniel Stenberg <bagder_at_users.sf.net>
Date: Mon, 24 Jun 2013 20:30:53 +0000
Here's my suggested patch, will push to master in a while unless someone protests.
Attachment: 0001-formpost-better-random-boundaries.patch (17.2 kB; text/x-patch)
--- ** [bugs:#1251] Form boundary string should be truly random** **Status:** open **Created:** Mon Jun 24, 2013 11:24 AM UTC by Floris **Last Updated:** Mon Jun 24, 2013 04:34 PM UTC **Owner:** Daniel Stenberg The use of predicatable pseudo-random numbers to generate the multipart/form boundary can lead to security issues in software using libcurl. See: http://localhost.re/p/solusvm-whmcs-module-316-vulnerability --- Sent from sourceforge.net because curl-tracker@cool.haxx.se is subscribed to https://sourceforge.net/p/curl/bugs/ To unsubscribe from further messages, a project admin can change settings at https://sourceforge.net/p/curl/admin/bugs/options. Or, if this is a mailing list, you can unsubscribe from the mailing list.Received on 2013-06-24 These mail archives are generated by hypermail. |
Page updated May 06, 2013.
web site info