[SECURITY] Mitigate denial-of-service scenarios in page error handler (fc51ccbf) · Commits · TYPO3 / TYPO3.CMS

Commit fc51ccbf authored 2 years ago by

Oliver Hader Committed by Oliver Hader 2 years ago

[SECURITY] Mitigate denial-of-service scenarios in page error handler

This fixes TYPO3-CORE-SA-2021-005 again, which accidentally had
been removed during TYPO3 v11 development. An inaccessible error
page amplified potential denial-of-service scenarios.

Resolves: #97818
Releases: main, 11.5
Change-Id: Ia9c666731f70db5e0a60572cd008f1d0c541af37
Security-Bulletin: TYPO3-CORE-SA-2022-006
Security-References: CVE-2022-36104
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/75709


Tested-by: Oliver Hader <oliver.hader@typo3.org>
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>

parent 8f788d94

Branches