Date: Sat, 19 Sep 2020 22:37:04 +0000 From: bugzilla-noreply@freebsd.org To: python@FreeBSD.org Subject: [Bug 249375] net-im/py-matrix-synapse: Update to 1.19.3 Message-ID: <bug-249375-21822-XiSE4RTWER@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-249375-21822@https.bugs.freebsd.org/bugzilla/> References: <bug-249375-21822@https.bugs.freebsd.org/bugzilla/>
index | next in thread | previous in thread | raw e-mail
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=249375 --- Comment #12 from Denis Kasak <dkasak@termina.org.uk> --- (In reply to Danilo G. Baio from comment #11) The security implication is that this is a classic DoS attack. An attacker sends a malformed event and breaks the application for other users, preventing them to join. Due to the federation, this is not limited to only the attacker's homeserver but to also all other participating homeservers in the room with the malformed event. It definitely seems like a security issue to me, but I'm curious to hear your opinion about it. -- You are receiving this mail because: You are on the CC list for the bug.help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-249375-21822-XiSE4RTWER>