Date: Sat, 19 Sep 2020 22:37:04 +0000 From: bugzilla-noreply@freebsd.org To: python@FreeBSD.org Subject: [Bug 249375] net-im/py-matrix-synapse: Update to 1.19.3 Message-ID: <bug-249375-21822-XiSE4RTWER@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-249375-21822@https.bugs.freebsd.org/bugzilla/> References: <bug-249375-21822@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D249375 --- Comment #12 from Denis Kasak <dkasak@termina.org.uk> --- (In reply to Danilo G. Baio from comment #11) The security implication is that this is a classic DoS attack. An attacker sends a malformed event and breaks the application for other users, prevent= ing them to join. Due to the federation, this is not limited to only the attacker's homeserver but to also all other participating homeservers in the room with the malfor= med event. It definitely seems like a security issue to me, but I'm curious to hear yo= ur opinion about it. --=20 You are receiving this mail because: You are on the CC list for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-249375-21822-XiSE4RTWER>