Projetos/rpi-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
0964bf05e9bf136b6ee3c86461b9d3a94f8a038d
rpi-buildroot/package/libhtp/libhtp.hash
Thomas Perale 0e450a0b08 package/libhtp: security bump to v0.5.51 
For more information on the release, see:
 - https://github.com/OISF/libhtp/releases/tag/0.5.51
 - https://github.com/OISF/libhtp/releases/tag/0.5.50
 - https://github.com/OISF/libhtp/compare/0.5.49...0.5.51

This fixes the following vulnerability:

- CVE-2025-53537

    LibHTP is a security-aware parser for the HTTP protocol and its
    related bits and pieces. In versions 0.5.50 and below, there is a
    traffic-induced memory leak that can starve the process of memory,
    leading to loss of visibility. To workaround this issue, set
    `suricata.yaml app-layer.protocols.http.libhtp.default-config.lzma-
    enabled` to false. This issue is fixed in version 0.5.51.

For more information, see:
  - https://www.cve.org/CVERecord?id=CVE-2025-53537
  - https://github.com/OISF/libhtp/security/advisories/GHSA-v3qq-h8mh-vph7

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-08-08 00:26:50 +02:00

4 lines
197 B
Plaintext
Raw Blame History

# Locally computed:
sha256 699475c2e512d5af05312e808f1f759a5d3c4cb154e73d82eaa6906ceacfaeb4 libhtp-0.5.51.tar.gz
sha256 87c93904e5434c81622ea690c2b90097b9f162aaa92a96542649a157dbf98d15 LICENSE
Reference in New Issue View Git Blame Copy Permalink