Sent from my iPhone > On Aug 3, 2025, at 11:48, Andrea Pappacoda <[email protected]> wrote: > > CAUTION: This email comes from a non Wind River email account! > Do not click links or open attachments unless you recognize the sender and > know the content is safe. > > Hi Yang, > >> On Fri Aug 1, 2025 at 10:41 PM CEST, Yang Wang wrote: >> Please find attached a proposed patch (NMU) for cpp-httplib version >> 0.18.7-2, addressing CVE-2025-46728 (Denial of Service via unbounded >> chunked request handling). >> >> This patch backports the upstream fix from v0.20.1: >> https://github.com/yhirose/cpp-httplib/commit/7b752106ac42bd5b907793950d9125a0972c8e8e > > Thanks for the patch! I've applied it locally, but I'll wait to push the > fix until I'll also fix the three grave CVEs reported as bug #1109340.
Sure, and I can help if you need me to fix them. Thanks, Yang > > Bye :)
