Skip to content

Release v1.6.3
Compare
Choose a tag to compare
@jirenius jirenius released this 01 Mar 12:37
· 122 commits to master since this release
v1.6.3
94251f3
This commit was signed with the committer’s verified signature.
jirenius Samuel Jirénius
GPG key ID: 673B2343FFADA796
Learn about vigilant mode.

Go Version

  • 1.14.4

RES Protocol Version

  • 1.2.1

Release info

Fixes a vulnerability where a long resource ID or method name (for call or auth requests) requested by a client would cause the NATS subject to exceed the maximum control line size, which in turn would disconnect Resgate from NATS. It would also would cause Resgate to fail to shut down properly.

This issue also affected HTTP requests with long URLs.

Fixes

  • #185 - Maximum control line size validation
Assets 10
Loading