Yeah, he sits right next to me :) On Monday, February 3, 2020 at 12:56:17 AM UTC-5, Bert JW Regeer wrote: > > Just quickly following up on this. > > Thanks to Fil Zembowicz an issue was found in the regular expression used > to parse incoming headers, which may lead to a denial of service. This has > now been fixed in Waitress 1.4.3, please upgrade as soon as possible. > > https://pypi.org/project/waitress/1.4.3/ > > On Jan 9, 2020, at 07:51, 'Peter Lada' via pylons-discuss < > [email protected] <javascript:>> wrote: > > Github dependabot has opened a PR for me to upgrade to 1.4.2 (thanks for > the release), and I merged it yesterday around 1730. > > At around 1930 one of the 6 dynos (heroku, 1X instance, single CPU, 0.5GB > RAM) has come to get pegged at 1.0 load and timed out every subsequent > request (heroku router cuts connection after 30s). > > At 1945 it happened to another dyno. > > At around 2000 I restarted the dynos and the problem got rectified, > probably temporarily. > > I've reverted to 1.4.1 and the issue has not surfaced since (12 plus > hours). > > Has anyone else used 1.4.2 in production? Any issues? > > Sadly I cannot provide more info, beyond the 1,5,15-minute load avg graphs > as the logs just show timed out requests and no other info. > > --peter > Formsort.com > > -- > You received this message because you are subscribed to the Google Groups > "pylons-discuss" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected] <javascript:>. > To view this discussion on the web visit > https://groups.google.com/d/msgid/pylons-discuss/54aa81bf-b935-4afc-b71c-f52d1fb15516%40googlegroups.com > > <https://groups.google.com/d/msgid/pylons-discuss/54aa81bf-b935-4afc-b71c-f52d1fb15516%40googlegroups.com?utm_medium=email&utm_source=footer> > . > <Screen Shot 2020-01-09 at 10.42.23.png> > > >
-- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/pylons-discuss/6baffa10-344f-4e3a-bf81-ade818a1fb16%40googlegroups.com.
