http://www.kb.cert.org/vuls/id/903934 should give you pointers to understand the problems, and http://www.ocert.org/advisories/ocert-2011-003.html has details about what is vulnerable from an HTTP request processing point of view. Fixing the underlying map / hash tools would be awesome, of course, because it makes the fundamental attack inaccessible.
I have no knowledge of either the Java or Clojure hash maps that would allow me to know if this actually applies here. Daniel On Sat, Dec 31, 2011 at 05:06, Hubert Iwaniuk <[email protected]> wrote: > Should we watch the whole video to see what you mean? > At what time is it important? > > Cheers, > Hubert > > > > On Sat, Dec 31, 2011 at 1:39 PM, Brian Mosley <[email protected]> > wrote: >> Saw this in a scala mailing list thread: >> >> http://www.youtube.com/watch?v=R2Cq3CLI6H8 >> >> Should the clojure hash be fixed? >> >> -- >> You received this message because you are subscribed to the Google >> Groups "Clojure" group. >> To post to this group, send email to [email protected] >> Note that posts from new members are moderated - please be patient with your >> first post. >> To unsubscribe from this group, send email to >> [email protected] >> For more options, visit this group at >> http://groups.google.com/group/clojure?hl=en > > -- > You received this message because you are subscribed to the Google > Groups "Clojure" group. > To post to this group, send email to [email protected] > Note that posts from new members are moderated - please be patient with your > first post. > To unsubscribe from this group, send email to > [email protected] > For more options, visit this group at > http://groups.google.com/group/clojure?hl=en -- ♲ Made with 100 percent post-consumer electrons -- You received this message because you are subscribed to the Google Groups "Clojure" group. To post to this group, send email to [email protected] Note that posts from new members are moderated - please be patient with your first post. To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/clojure?hl=en
