diff options
author | Loïc Hoguin <[email protected]> | 2024-04-05 22:07:50 +0200 |
---|---|---|
committer | Loïc Hoguin <[email protected]> | 2024-04-05 22:07:50 +0200 |
commit | 8bb4d5bfbd30255e8be6516bc741b5186d63841c (patch) | |
tree | 93c34a18f44c1872e6db94c92e9a4398a18749ed /_build/content/articles | |
parent | c197a82b450ff4ab347504a1bbbc2b81fc47bd4e (diff) | |
download | ninenines.eu-8bb4d5bfbd30255e8be6516bc741b5186d63841c.tar.gz ninenines.eu-8bb4d5bfbd30255e8be6516bc741b5186d63841c.tar.bz2 ninenines.eu-8bb4d5bfbd30255e8be6516bc741b5186d63841c.zip |
Diffstat (limited to '_build/content/articles')
-rw-r--r-- | _build/content/articles/cowboy-2.12.0.asciidoc | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/_build/content/articles/cowboy-2.12.0.asciidoc b/_build/content/articles/cowboy-2.12.0.asciidoc new file mode 100644 index 00000000..4b267945 --- /dev/null +++ b/_build/content/articles/cowboy-2.12.0.asciidoc @@ -0,0 +1,40 @@ ++++ +date = "2024-04-05T07:00:00+01:00" +title = "Cowboy 2.12" + ++++ + +Cowboy `2.12.0` has been released! + +Cowboy 2.12 contains a fix for a security vulnerability +in the HTTP/2 protocol implementation that has recently +been made public: +https://nowotarski.info/http2-continuation-flood/[HTTP/2 CONTINUATION Flood]. + +Cowboy adds a new HTTP/2 option `max_fragmented_header_block_size` +to control how much data is accepted in CONTINUATION +frames before an error is triggered. + +Cowboy 2.12 was produced and released a few weeks ago, +as a result of advance knowledge of this vulnerability. +If you already upgraded, you are safe! If not, please +upgrade as soon as possible. + +Both Cowboy and Cowlib must be upgraded. Cowlib 2.13 +has been produced for this fix. This is a minor release +and not a patch release only because of the newly added +option. + +Cowboy 2.12 requires Erlang/OTP 24.0 or greater. +It is tested and supported on Linux, macOS and Windows. + +A complete +list of changes can be found in the migration guide: +https://ninenines.eu/docs/en/cowboy/2.12/guide/migrating_from_2.11/[Migrating from Cowboy 2.11 to 2.12]. + +You can donate to this project via +https://github.com/sponsors/essen[GitHub Sponsors]. + +As usual, feedback is appreciated, and issues or +questions should be sent via Github tickets or +discussions. Thanks! |