[Bug 249375] net-im/py-matrix-synapse: Update to 1.19.3
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Sat Sep 19 22:37:04 UTC 2020
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=249375
--- Comment #12 from Denis Kasak <dkasak at termina.org.uk> ---
(In reply to Danilo G. Baio from comment #11)
The security implication is that this is a classic DoS attack. An attacker
sends a malformed event and breaks the application for other users, preventing
them to join.
Due to the federation, this is not limited to only the attacker's homeserver
but to also all other participating homeservers in the room with the malformed
event.
It definitely seems like a security issue to me, but I'm curious to hear your
opinion about it.
--
You are receiving this mail because:
You are on the CC list for the bug.
More information about the freebsd-python
mailing list