From e867ef71943d4db9afea9e43c1ff6bccfb6dba27 Mon Sep 17 00:00:00 2001
From: Tony Arcieri
Date: Tue, 28 Feb 2017 09:02:18 -0800
Subject: [PATCH] Assign RUSTSEC-2017-0002 to hyper

Original PR: https://github.com/RustSec/advisory-db/pull/12
---
 Advisories.toml | 18 ++++++++++++++++++
 ...C-0000-0000.toml => RUSTSEC-2017-0002.toml} | 1 +
 2 files changed, 19 insertions(+)
 rename crates/hyper/{RUSTSEC-0000-0000.toml => RUSTSEC-2017-0002.toml} (97%)

diff --git a/Advisories.toml b/Advisories.toml
index 3ca3911..dad625b 100644
--- a/Advisories.toml
+++ b/Advisories.toml
@@ -14,3 +14,21 @@
 secret will always be zero regardless of the private key used.
 This issue was fixed by checking for this class of keys and rejecting them if they are used.
 """
+
+[[advisory]]
+id = "RUSTSEC-2017-0002"
+package = "hyper"
+patched_versions = [">= 0.10.2", "< 0.10.0, >= 0.9.18"]
+dwf = []
+date = "2017-01-23"
+url = "https://github.com/hyperium/hyper/wiki/Security-001"
+title = "headers containing newline characters can split messages"
+description = """
+Serializing of headers to the socket did not filter the values for newline bytes (\r or \n),
+which allowed for header values to split a request or response. People would not likely include
+newlines in the headers in their own applications, so the way for most people to exploit this
+is if an application constructs headers based on unsanitized user input.
+
+This issue was fixed by replacing all newline characters with a space during serialization of
+a header value.
+"""
diff --git a/crates/hyper/RUSTSEC-0000-0000.toml b/crates/hyper/RUSTSEC-2017-0002.toml
similarity index 97%
rename from crates/hyper/RUSTSEC-0000-0000.toml
rename to crates/hyper/RUSTSEC-2017-0002.toml
index b9fc9e7..bc23c50 100644
--- a/crates/hyper/RUSTSEC-0000-0000.toml
+++ b/crates/hyper/RUSTSEC-2017-0002.toml
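Review bot: In the added `description` block of Advisories.toml, `(\r or \n)` sits inside a `"""` multi-line basic string, where `\r` and `\n` are TOML escape sequences, so a conforming parser stores a literal carriage return and line feed in the advisory text rather than the names of the two bytes the advisory is about. Double the backslashes on that line, `Serializing of headers to the socket did not filter the values for newline bytes (\\r or \\n),`, or switch the whole description to a `'''` multi-line literal string, which takes no escapes. The renamed `crates/hyper/RUSTSEC-2017-0002.toml` is reported 97% similar and presumably carries the same description text below its hunk, so it likely needs the same correction. Separately, `dwf = []` leaves this advisory with no external identifier; if a DWF or CVE is assigned later it should be recorded here so downstream tooling can cross-reference it.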
@@ -2,6 +2,7 @@
 package = "hyper"
 patched_versions = [">= 0.10.2", "< 0.10.0, >= 0.9.18"]
 dwf = []
+date = "2017-01-23"
 url = "https://github.com/hyperium/hyper/wiki/Security-001"
 title = "headers containing newline characters can split messages"
 description = """