[web-devel] Security update: update to warp 2.0.3.3
Michael Snoyman
michael at snoyman.com
Thu Mar 6 05:22:45 UTC 2014
We received a security report yesterday of a regression in the Warp 2.0
series[1] related to Slowloris protection. Please see the issue for
details. The important information is:
* Versions prior to 2.0 are not affected.
* Updating to 2.0.3.3 solves the problem.
Yesod users: I've just released a new version of yesod-platform which
updates the warp dependency.
If there are any questions, please let me know.
[1] https://github.com/yesodweb/wai/issues/231
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.haskell.org/pipermail/web-devel/attachments/20140306/d990cd89/attachment.html>
More information about the web-devel
mailing list