Comment 21 for bug 1394370
Revision history for this message
| Tristan Cacqueray (tristan-cacqueray) wrote Re: horizon login page is vulnerable to DOS attack | #21 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)
@Eric alright, sadly I suspect Paul's comment #13 to be still valid (considering the attack only need an extra crafted cookie).
In order to threat this as a Class A, we need a fix that really mitigate the attack for all supported release...
FYI, the other options are:
* fix this publicly (might help to get a patch in).
* threat this as a B2 class type of bug (which mean fix and/or security note).
How long do you think it will take to have such a fix covering django-