Skip to content
Commit 06ae8ca5 authored by Daniel Stenberg's avatar Daniel Stenberg
Browse files

- When downloading compressed content over HTTP and the app as asked libcurl

  to automatically uncompress it with the CURLOPT_ENCODING option, libcurl
  could wrongly provide the callback with more data than what the maximum
  documented amount. An application could thus get tricked into badness if the
  maximum limit was trusted to be enforced by libcurl itself (as it is
  documented).

  This is further detailed and explained in the libcurl security advisory
  20100209 at

    http://curl.haxx.se/docs/adv_20100209.html
parent d33da423
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment