Another thing has been brougght to light. The site that experiencing memory corruption is running curl 7.29.0-57. Looking at the curl changelog
2020-06-02 - Kamil Dudka [log in to unmask] - 7.29.0-59
- http: free protocol-specific struct in setup_connection callback (#1836773)
2020-03-23 - Kamil Dudka [log in to unmask] - 7.29.0-58
- fix heap buffer overflow in function tftp_receive_packet() (CVE-2019-5482)
it appears a memory corruption issue was fixed in 7.29.0-58. At least two sites running http-tpc that have never experienced memory corruption run 7.29.0-59. So this strongly suggests that the site should upgrade curl. We have requested it do so.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or unsubscribe.
Triage notifications on the go with GitHub Mobile for iOS or Android.
[
{
"@context": "http://schema.org",
"@type": "EmailMessage",
"potentialAction": {
"@type": "ViewAction",
"target": "https://github.com/xrootd/xrootd/issues/1531#issuecomment-943753570",
"url": "https://github.com/xrootd/xrootd/issues/1531#issuecomment-943753570",
"name": "View Issue"
},
"description": "View this Issue on GitHub",
"publisher": {
"@type": "Organization",
"name": "GitHub",
"url": "https://github.com"
}
}
]
Use REPLY-ALL to reply to list
To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1