Skip to content

@richardlau richardlau released this Sep 15, 2020 · 4326 commits to master since this release

Notable Changes

This is a security release.

Vulnerabilities fixed:

  • CVE-2020-8251: Denial of Service by resource exhaustion CWE-400 due to unfinished HTTP/1.1 requests (Critical).
  • CVE-2020-8201: HTTP Request Smuggling due to CR-to-Hyphen conversion (High).

Commits

Assets 2