commit | 8598060bacada41a0eb09d95c97744ff4e428f8e | [log] [tgz] |
---|---|---|
author | Daniel Veillard <veillard@redhat.com> | Thu May 13 14:55:12 2021 +0200 |
committer | Daniel Veillard <veillard@redhat.com> | Thu May 13 14:55:12 2021 +0200 |
tree | 9ef67577afaf25f2dae30e2fae749537b6b4b9cd | |
parent | bfd2f4300fb348a0fb8265a17546a0eb8bdec719 [diff] |
Patch for security issue CVE-2021-3541 This is relapted to parameter entities expansion and following the line of the billion laugh attack. Somehow in that path the counting of parameters was missed and the normal algorithm based on entities "density" was useless.