From bfcf9e99c2bc6d09a6a9e00a62862c6a08b0586f Mon Sep 17 00:00:00 2001
From: Erick Tryzelaar
Date: Sun, 7 May 2017 15:46:12 -0700
Subject: [PATCH] Advisory: cookie denial of service

---
 crates/cookie/RUSTSEC-0000-0000.toml | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
 create mode 100644 crates/cookie/RUSTSEC-0000-0000.toml

diff --git a/crates/cookie/RUSTSEC-0000-0000.toml b/crates/cookie/RUSTSEC-0000-0000.toml
new file mode 100644
index 0000000..2c0601d
--- /dev/null
+++ b/crates/cookie/RUSTSEC-0000-0000.toml
@@ -0,0 +1,16 @@
+[advisory]
+package = "cookie"
+patched_versions = ["< 0.6.0", "^0.6.2", ">= 0.7.6"]
+dwf = []
+url = "https://github.com/alexcrichton/cookie-rs/pull/86"
+title = "Large cookie Max-Age values can cause a denial of service"
+date = "2017-05-06"
+description = """
+Affected versions of this crate use the `time` crate and the method
+`Duration::seconds` to parse the `Max-Age` duration cookie setting. This method
+will panic if the value is greater than 2^64/1000 and less than or equal to
+2^64, which can result in denial of service for a client or server.
+
+This flaw was corrected by explicitly checking for the `Max-Age` being in this
+integer range and clamping the value to the maximum duration value.
+"""
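Review bot: The `patched_versions` line lists `"< 0.6.0"` alongside the two fixed releases, which presumably means pre-0.6 releases never had the vulnerable `Max-Age` parsing rather than that they were patched; a reader matching a dependency against this advisory cannot tell the two apart. If the advisory schema has a separate field for unaffected versions it belongs there, otherwise a comment above the key such as `# < 0.6.0 is listed because those releases did not use time::Duration::seconds for Max-Age, not because they were patched` would make the intent explicit. The numeric bound in the description also deserves a check: `Duration::seconds` takes an `i64`, so the panicking range is more plausibly above 2^63/1000 up to 2^63 than the 2^64 figures given, and an advisory that overstates the safe range can mislead defenders assessing exposure; verify against the linked fix before the ID is assigned.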