Skip to content

C
capnproto
Commit dc8078a3 authored by Kenton Varda's avatar Kenton Varda
Browse files
Options

Blog about additional security issue.

parent 0bbac93d
Hide whitespace changes
Inline Side-by-side
Showing with 16 additions and 0 deletions
doc/_posts/2015-03-05-another-cpu-amplification.md 0 → 100644
View file @ dc8078a3
---
layout: post
title: "Another security advisory -- Additional CPU amplification case"
author: kentonv
---
Unfortunately, it turns out that our fix for one of [the security advisories issued on Monday](2015-03-02-security-advisory-and-integer-overflow-protection.html) was not complete.
Fortunately, the incomplete fix is for the non-critical vulnerability. The worst case is that an attacker could consume excessive CPU time.
Nevertheless, we've issued [a new advisory](https://github.com/sandstorm-io/capnproto/tree/master/security-advisories/2015-03-05-0-c++-addl-cpu-amplification.md) and pushed a new release:
- Release 0.5.1.2: [source](https://capnproto.org/capnproto-c++-0.5.1.2.tar.gz), [win32](https://capnproto.org/capnproto-c++-win32-0.5.1.2.zip)
- Release 0.4.1.2: [source](https://capnproto.org/capnproto-c++-0.4.1.2.tar.gz)
Sorry for the rapid repeated releases, but we don't like sitting on security bugs.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment