v1.4.1
Notable Changes
The vulnerability could allow an attacker to consume excessive amounts of memory on the server by bypassing read limits, and potentially cause the server to go out-of-memory (OOM).
See the published security advisory for more details.
Credit to Max Justicz (https://justi.cz/) for discovering and reporting this, as well as providing a robust PoC and review.
CHANGELOG
- cdeeb14 Upgrade gotils (Sergio Andres Virviescas Santana)
- 9f866a0 Upgrade fasthttp to v1.4.0 (Sergio Andres Virviescas Santana)
- 1f864ca Create SECURITY.md (Kirill Danshin)
- 898d5d0 Upgrade fasthttp to v1.3.0 and gotils (Sergio Andres Virviescas Santana)
- d07f92a Add support to go 1.12 (Sergio Andres Virviescas Santana)
- 8e5a1dc Upgrade fasthttp to v1.2.0 (Sergio Andres Virviescas Santana)
- 7eb5830 Avoid defer (Sergio Andres Virviescas Santana)
- 6af130c Upgrade fasthttp and gotils (Sergio Andres Virviescas Santana)
- 9ead52e Improvements (Sergio Andres Virviescas Santana)
- 7301318 Update README, dep will be deprecated (Sergio Andres Virviescas Santana)
- 9ffe4aa Remove dep support (Sergio Andres Virviescas Santana)
- 55b3f8b Support Go modules (Sergio Andres Virviescas Santana)
- 184a914 Add "in bytes" to sizes in fasthttp documentation (Sergio Andres Virviescas Santana)