Hi Yang,
On Fri Aug 1, 2025 at 10:41 PM CEST, Yang Wang wrote:
Please find attached a proposed patch (NMU) for cpp-httplib version
0.18.7-2, addressing CVE-2025-46728 (Denial of Service via unbounded
chunked request handling).
This patch backports the upstream fix from v0.20.1:
https://github.com/yhirose/cpp-httplib/commit/7b752106ac42bd5b907793950d9125a0972c8e8e
Thanks for the patch! I've applied it locally, but I'll wait to push the
fix until I'll also fix the three grave CVEs reported as bug #1109340.
Bye :)
