libhtp: update to version 0.5.48 (!1205) · Merge requests · Turris / Turris OS / Turris OS packages · GitLab

GitLab now enforces expiry dates on tokens that originally had no set expiration date. Those tokens were given an expiration date of one year later. Please review your personal access tokens, project access tokens, and group access tokens to ensure you are aware of upcoming expirations. Administrators of GitLab can find more information on how to identify and mitigate interruption in our documentation.

Self sign-up has been disabled due to increased spam activity. If you want to get access, please send an email to a project owner (preferred) or at gitlab(at)nic(dot)cz. We apologize for the inconvenience.

Richard Muzik requested to merge feature/bump-libhtp-0548 into develop Jul 04, 2024

0.5.48 (22 April 2024)

decompressor: only take erroneous data on first try
autotools: run autoupdate to modernize build system

0.5.47 (19 March 2024)

request: limit probing after missing protocol

0.5.46 (08 February 2024)

tx: configurable number of maximum transactions
htp: offers possibility to remove transactions
headers: limit the size of folded headers
request: be more liberal about transfer-encoding value
request: continue processing even with invalid headers
http0.9: process headers if there are non-space characters
htp_util: fix spelling issue
src: fix -Wshorten-64-to-32 warnings
uri: normalization removes trailing spaces

0.5.45 (11 July 2023)

log: resist allocation failure
support HTTP Bearer authentication

0.5.44 (13 June 2023)

response: only trim spaces at headers names end
response: skips lines before response line
headers: log a warning for chunks extension

0.5.43 (13 April 2023)

htp: do not log content-encoding: none
htp: do not error on multiple 100 Continue
readme: remove note on libhtp not being stable
uri: fix compile warning strict-prototypes
bstr: fix compile warning strict-prototypes
fuzz_diff: Free the rust test object.
github: add CIFuzz workflow

0.5.42 (27 November 2022)

github: add initial workflow
htp: fixes warning about bad delimiter in URI
fuzz: fix a null dereference in a diff report
htp: fixes warning about integer

0.5.41 (27 September 2022)

trim white space of invalid folding for first header
clear buffered data for body data
minor optimization for decompression code

0.5.40 (21 April 2022)

uri: optionally allows spaces in uri
ints: integer handling improvements
headers: continue on nul byte
headers: consistent trailing space handling
list: fix integer overflow
util: remove unused htp_utf8_decode
fix 100-continue with CL 0
lzma: don't do unnecessary realloc

0.5.39 (16 November 2021)

host: ipv6 address is a valid host
util: one char is not always empty line
test and fuzz improvements

0.5.38 (30 June 2021)

consume empty lines when parsing chunks to avoid quadratic complexity
autotools fix for cygwin