From 82ce1aa7160c5bc8d539f0d810203782e9d6c20b Mon Sep 17 00:00:00 2001
From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com>
Date: Sun, 8 Aug 2021 12:41:08 -0700
Subject: [PATCH] Assigned RUSTSEC-2021-0079 to hyper (#973)

Co-authored-by: tarcieri
---
 .duplicate-id-guard | 2 +-
 ...TSEC-0000-0000.md => RUSTSEC-2021-0079.md} | 42 +++++++++----------
 2 files changed, 22 insertions(+), 22 deletions(-)
 rename crates/hyper/{RUSTSEC-0000-0000.md => RUSTSEC-2021-0079.md} (95%)

diff --git a/.duplicate-id-guard b/.duplicate-id-guard
index 3b331fd..3179210 100644
--- a/.duplicate-id-guard
+++ b/.duplicate-id-guard
@@ -1,3 +1,3 @@
 This file causes merge conflicts if two ID assignment jobs run concurrently.
 This prevents duplicate ID assignment due to a race between those jobs.
-8774b8ca3f52e5e81096af4b1102d97953873237a02fcda2b894a4980646b5db -
+cff9f66e36ad0e534c0ec14edae51f51b0d9437fee65d73d2e6c1fb360dbe013 -
diff --git a/crates/hyper/RUSTSEC-0000-0000.md b/crates/hyper/RUSTSEC-2021-0079.md
similarity index 95%
rename from crates/hyper/RUSTSEC-0000-0000.md
rename to crates/hyper/RUSTSEC-2021-0079.md
index 3c73411..9af1ed6 100644
--- a/crates/hyper/RUSTSEC-0000-0000.md
+++ b/crates/hyper/RUSTSEC-2021-0079.md
@@ -1,21 +1,21 @@
-```toml
-[advisory]
-id = "RUSTSEC-0000-0000"
-package = "hyper"
-date = "2021-07-07"
-url = "https://github.com/hyperium/hyper/security/advisories/GHSA-5h46-h7hh-c6x9"
-keywords = ["http", "parsing", "data loss"]
-aliases = ["CVE-2021-32714", "GHSA-5h46-h7hh-c6x9"]
-
-[versions]
-patched = [">= 0.14.10"]
-```
-
-# Integer overflow in `hyper`'s parsing of the `Transfer-Encoding` header leads to data loss
-
-When decoding chunk sizes that are too large, `hyper`'s code would encounter an integer overflow. Depending on the situation,
-this could lead to data loss from an incorrect total size, or in rarer cases, a request smuggling attack.
-
-To be vulnerable, you must be using `hyper` for any HTTP/1 purpose, including as a client or server, and consumers must send
-requests or responses that specify a chunk size greater than 18 exabytes. For a possible request smuggling attack to be possible,
-any upstream proxies must accept a chunk size greater than 64 bits.
+```toml
+[advisory]
+id = "RUSTSEC-2021-0079"
+package = "hyper"
+date = "2021-07-07"
+url = "https://github.com/hyperium/hyper/security/advisories/GHSA-5h46-h7hh-c6x9"
+keywords = ["http", "parsing", "data loss"]
+aliases = ["CVE-2021-32714", "GHSA-5h46-h7hh-c6x9"]
+
+[versions]
+patched = [">= 0.14.10"]
+```
+
+# Integer overflow in `hyper`'s parsing of the `Transfer-Encoding` header leads to data loss
+
+When decoding chunk sizes that are too large, `hyper`'s code would encounter an integer overflow. Depending on the situation,
+this could lead to data loss from an incorrect total size, or in rarer cases, a request smuggling attack.
+
+To be vulnerable, you must be using `hyper` for any HTTP/1 purpose, including as a client or server, and consumers must send
+requests or responses that specify a chunk size greater than 18 exabytes. For a possible request smuggling attack to be possible,
+any upstream proxies must accept a chunk size greater than 64 bits.