diff options
| author | Peter Korsgaard <peter@korsgaard.com> | 2014-06-13 21:54:17 +0200 |
|---|---|---|
| committer | Peter Korsgaard <peter@korsgaard.com> | 2014-06-13 22:01:51 +0200 |
| commit | f86ec0b67f147d23928091f27529c5fd47ef5f02 (patch) | |
| tree | 1adea8570e741b9121dad57005367d17407a396b /package/haserl/0.9.30 | |
| parent | 07908c9145d8427c7cebaa72fedd69885e00d42e (diff) | |
haserl: bump 0.9.x version
Fixes a number of security issues and adds support for PUT/DELETE. From the
release mail:
<snip>
Stephen Röttger reported a number of security bugs, the most serious of
which is a potential heap overflow in sliding_buffer.c (file uploads).
There is a potential for remote code execution.
At the same time, I've made an *experimental* change to allow RESTful
API's possible:
* PUT and DELETE methods are handled by the POST and GET handlers.
* For mostly historical reasons, data on the URI is still called
GET.<var>, and data in the body is named POST.<var>
* If the Content-Type is not "application/x-www-form-urlencoded", Haserl
won't try to urldecode the POST contents - it will just put the body in
POST.body verbatim.
</snip>
The lua handling now uses pkg-config, so adjust the code to match.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Diffstat (limited to 'package/haserl/0.9.30')
0 files changed, 0 insertions, 0 deletions