search for: 31079

Hello! Four security issues were identified in nginx HTTP/3 implementation, which might allow an attacker that uses a specially crafted QUIC session to cause a worker process crash (CVE-2024-31079, CVE-2024-32760, CVE-2024-35200), worker process memory disclosure on systems with MTU larger than 4096 bytes (CVE-2024-34161), or might have potential other impact (CVE-2024-31079, CVE-2024-32760). The issues affect nginx compiled with the experimental ngx_http_v3_module (not compiled by default)...

Hello! В реализации HTTP/3 в nginx были обнаружены четыре проблемы, которые позволяют атакующему с помощью специально созданной QUIC-сессии вызвать падение рабочего процесса (CVE-2024-31079, CVE-2024-32760, CVE-2024-35200), отправку клиенту части содержимого памяти рабочего процесса на системах с MTU больше 4096 байт (CVE-2024-34161), а также потенциально могут иметь другие последствия (CVE-2024-31079, CVE-2024-32760). Проблемам подвержен nginx, если он собран с экспериментальным мод...

...e I press the single key to pickup the call to extension 100 when there is a call to it. From CLI, I can see it issue **100 to asterisk but failed to pickup the call. -- Executing [**100 at internal:1] Pickup("SIP/102-08373480", "100") in new stack [Dec 7 16:47:42] NOTICE[31079]: app_directed_pickup.c:159 pickup_exec: No target channel found for 100. -- Executing [**100 at internal:2] Hangup("SIP/102-08373480", "") in new stack Anyone can tell me if I make something wrong for the pickup cmd? asterisk version: 1.4.15

...спользовании HTTP/3 обработка специально созданной QUIC-сессии могла приводить к падению рабочего процесса, отправке клиенту содержимого памяти рабочего процесса на системах с MTU больше 4096 байт, а также потенциально могла иметь другие последствия (CVE-2024-32760, CVE-2024-31079, CVE-2024-35200, CVE-2024-34161). Спасибо Nils Bars из CISPA. *) Добавление: директивы proxy_limit_rate, fastcgi_limit_rate, scgi_limit_rate и uwsgi_limit_rate поддерживают переменные. *) Исправление: уменьшено потребление памяти для долгоживущих запросов, если используютс...

...29 May 2024 *) Security: when using HTTP/3, processing of a specially crafted QUIC session might cause a worker process crash, worker process memory disclosure on systems with MTU larger than 4096 bytes, or might have potential other impact (CVE-2024-32760, CVE-2024-31079, CVE-2024-35200, CVE-2024-34161). Thanks to Nils Bars of CISPA. *) Feature: variables support in the "proxy_limit_rate", "fastcgi_limit_rate", "scgi_limit_rate", and "uwsgi_limit_rate" directives. *) Bugfix: reduced memory cons...

...спользовании HTTP/3 обработка специально созданной QUIC-сессии могла приводить к падению рабочего процесса, отправке клиенту содержимого памяти рабочего процесса на системах с MTU больше 4096 байт, а также потенциально могла иметь другие последствия (CVE-2024-32760, CVE-2024-31079, CVE-2024-35200, CVE-2024-34161). Спасибо Nils Bars из CISPA. *) Исправление: уменьшено потребление памяти для долгоживущих запросов, если используются директивы gzip, gunzip, ssi, sub_filter или grpc_pass. *) Исправление: nginx не собирался gcc 14, если использовался пара...

...29 May 2024 *) Security: when using HTTP/3, processing of a specially crafted QUIC session might cause a worker process crash, worker process memory disclosure on systems with MTU larger than 4096 bytes, or might have potential other impact (CVE-2024-32760, CVE-2024-31079, CVE-2024-35200, CVE-2024-34161). Thanks to Nils Bars of CISPA. *) Bugfix: reduced memory consumption for long-lived requests if "gzip", "gunzip", "ssi", "sub_filter", or "grpc_pass" directives are used. *) Bugfix: nginx co...

...a machine that is trying its darndest to house a linux kernel cvs repository. The machine is a dual 733mhz p3 netfinity of some kind. 512M of mem. Filesystem 1k-blocks Used Available Use% Mounted on /dev/sda1 16484504 4015876 11631240 26% / /dev/sda2 31079 3199 26276 11% /boot /dev/sdb2 16516084 32828 15644264 1% /disk/sdb2 /dev/sdc1 141905076 344080 137235980 1% /disk/sdc1 $ grep sd /etc/fstab /dev/sda1 / ext3 defaults,errors=remount-ro 0 1 /dev/sda3 none swap sw 0 0 /dev/sdb1 none swap sw 0 0 /dev/s...

Hi. I hate to ask because I'm not sure if this is one of those questions that don't "deserve an answer" but here goes: My friend gave me a Kodak EZ-200 Webcam (USB) recently and I'm trying to configure it for use under CentOS 4.3. I did a little research on the web and found that the Kodak EZ200 is supported using gphoto2

I''ve been troubleshooting this problem for several hours now and haven''t been able to figure out what''s wrong. I have two boxes, dev and prod, both are identical except that prod uses Ruby 1.8.5 and dev uses 1.8.4. Both are running Slave 1.2.0, Daemons 1.0.5, and Backroundrb 0.2.1. The behavior I''m seeing is this. When I first start Backgroundrb, this is what

We're trying to set up linux based workstations that use a win2k AD/DC for authentication, and pam_mount to mount a share as the user's home directory. It looks like winbind isn't passing on the credentials (although it is getting us logged in). If anyone has made this work, I'd love the details. It looks like winbind isn't passing the auth information thanks jim

...well Arena Simulator causes crash. 29003 T4C: Crashes during or after patching phase 29875 MS Works 9.0 can't install (infinite waiting for estimating time) 29968 Final Fantasy XI crashes when unfocused in windowed mode 30079 Broken Sword - The Sleeping Dragon: Graphics corruption 31079 Fatal error during Stronghold Crusader Demo installation 31433 Foxit Reader 5.3.1.0606 crashes on startup 32245 Multiple applications crash on startup due to unimplemented function shell32.dll.SHExtractIconsW 32835 Batman: Arkham Asylum (non-Steam) Demo fails on startup (IWbemClassObject:...