5 Jan
2012
5 Jan
'12
9:07 p.m.
Hello guys, As you may know, "Denial of Service through hash table multi-collisions" was disclosed: http://permalink.gmane.org/gmane.comp.security.full-disclosure/83694 The hashable package is affected but not affected to Yesod suite. However, I guess we should provide size limitation of HTTP body on POST to Warp. # Of course, we should provide rate limiting, too. --Kazu