Source: ulfius Version: 2.7.1-1 Severity: important Tags: security upstream
A security vulnerability exists in ulfius prior to version 2.7.4 CVE-2021-40540 [0] ulfius_uri_logger in Ulfius HTTP Framework before 2.7.4 omits con_info initialization and a con_info->request NULL check for certain malformed HTTP requests. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2021-40540 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40540 Thanks
