CVE-2023-31039: Apache bRPC: ServerOptions.pid_file may cause arbitrary code execution

2023-05-07 Thread Wang Weibing
Severity: important
Affected versions:
- Apache bRPC 0.9.0 before 1.5.0
Description: Security vulnerability in Apache bRPC <1.5.0 on all platforms allows attackers to execute arbitrary code via ServerOptions::pid_file. An attacker that can influence the ServerOptions pid_file parameter with wh

Oncall report from Apr 24th to May 7th

2023-05-07 Thread Weibing Wang
Hi

During the last two weeks, 95 issues were closed and 11 PRs were merged:
* Fix possible segment fault in delete_stats() of MultiDimension. (#2237): https://github.com/apache/brpc/pull/2238
* merge release 1.5 into master: https://github.com/apache/brpc/pull/2232
* Fix butex wait_pthread handle

Re: [PR] Force SSL for all connections of Acceptor (brpc)

2023-05-07 Thread via GitHub
wwbmmm commented on PR #2231: URL: https://github.com/apache/brpc/pull/2231#issuecomment-1537625723 LGTM

[brpc] branch master updated: Fix possible segment fault in delete_stats() of MultiDimension. (#2237) (#2238)

2023-05-07 Thread wwbmmm
This is an automated email from the ASF dual-hosted git repository. wwbmmm pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/brpc.git The following commit(s) were added to refs/heads/master by this push: new 86427a50 Fix possible segment fault in delete_stat

Re: [PR] Fix possible segment fault in delete_stats() of MultiDimension. (#2237) (brpc)

2023-05-07 Thread via GitHub
wwbmmm merged PR #2238: URL: https://github.com/apache/brpc/pull/2238