CVE-2023-44487 (Caddy) - Githubissues

klzgrad / naiveproxy

Make a fortune quietly

BSD 3-Clause "New" or "Revised" License

6.49k stars 873 forks source link

CVE-2023-44487 (Caddy) #573

Closed Chilledheart closed 10 months ago

Chilledheart commented 10 months ago

See https://github.com/caddyserver/caddy/issues/5877

It is fixed by upgrading golang https://github.com/golang/go/issues/63417 while the buildbot is still using old 1.18 golang.

Chilledheart commented 10 months ago

Update: New release 2.7.5 of caddy and new golang 1.21.3 is cut out. I don't have the cve testiment code but it should be sufficient to update both of caddy and golang.

crapthings commented 10 months ago

Will this fix solve the issue of frequent disconnections?

crapthings commented 10 months ago

it looks released 1 minite ago

https://github.com/klzgrad/forwardproxy/releases/tag/v2.7.5-caddy2-naive

klzgrad commented 10 months ago

Will this fix solve the issue of frequent disconnections?

Won't