What's Changed
The main reason for this release is the following security fix:
- fix for Security: pre-auth DoS — invalid end() iterator dereference in multipart parser -check for existence of name header before using it by @gittiver in #1196
Other changes:
- Fix Routing's
methods_Bitmask Overflow by @DavidPetkovsek in #1169 - Creates static route for internalPath by @CarloDG80 in #1147
- Add 2 new fuzzing harnesses by @DavidKorczynski in #1173
- Add SBOM generation guide by @Xata in #1172
- added WebDav return Codes to docs by @gittiver in #1174
- add testcase for injected header, removed executable sample by @gittiver in #1175
- add App::WebSocketRule_t by @CarloDG80 in #1156
- Prevent possible integer overflow on multiplication by @gittiver in #1184
- fix for: Catchall route with return-value handler causes 404 on subsequent requests on a keep-alive connection by @gittiver in #1183
- Mustache custom template base by @BartelNieuwenhuyse in #1187
- No trailing zeroes in exponents - see #1042 by @RMRattray in #1191
- fix for Security: pre-auth DoS — invalid end() iterator dereference in multipart parser -check for existence of name header before using it by @gittiver in #1196
New Contributors
- @DavidKorczynski made their first contribution in #1173
- @Xata made their first contribution in #1172
- @BartelNieuwenhuyse made their first contribution in #1187
- @RMRattray made their first contribution in #1191
Full Changelog: v1.3.2...v1.3.3