Wednesday, January 13, 2016

H2O 1.6.2 released fixing a response splitting vulnerability in redirect handler

I have just released H2O version 1.6.2 that includes a fix for a response splitting vulnerability found in prior releases.

Users using the redirect directive are affected; they are advised to update immediately.

Edit: version 1.7.0-beta3 has also been released fixing the same issue in the earlier releases of 1.7.0 beta series.

Related Links:
https://github.com/h2o/h2o/releases/tag/v1.6.2
https://h2o.examp1e.net/vulnerabilities.html#CVE-2016-1133
https://github.com/h2o/h2o/issues/682
https://github.com/h2o/h2o/pull/684

11 comments:

  1. Vow Awesome Great Share, I know the hard word you put to have a great post. Thanks for the Awesome share.
    Wicked Temptations Coupons
    Wicked Temptations Coupon
    Wicked Temptations Coupon Code
    Wicked Temptations Promo Code

    ReplyDelete