Menu
▾
▴
[Devil-linux-software] neon 0.28.6 has been released [freshmeat.net]
|
From: freshmeat.net <no...@fr...> - 2009-08-19 09:19:48
|
Dear freshmeat.net subscriber, jorton just announced version 0.28.6 of neon on freshmeat.net. The changes are as follows: This release fixes two security issues. The "billion laughs" XML entity expansion attack allowed a denial of service by a malicious server if neon was linked against expat. The handling of NUL bytes in an SSL certificate subject name allowed a possible MITM attack. Project description: neon is an HTTP and WebDAV client library for Unix systems, with a C language API. It provides high-level interfaces to HTTP/1.1 and WebDAV methods, and a low-level interface to HTTP request/response handling, allowing new methods to be easily implemented. Detailed history and release notes are available here: http://freshmeat.net/projects/neon#release_304128 If you want to change your subscription to this project, please log in to: http://freshmeat.net/account/subscriptions Best regards, freshmeat.net |
