Created by: ackintosh
PR checklist
- Read the contribution guidelines.
- Ran the shell script under ./bin/ to update Petstore sample so that CIs can verify the change. (For instance, only need to run ./bin/{LANG}-petstore.sh and ./bin/security/{LANG}-petstore.sh if updating the {LANG} (e.g. php, ruby, python, etc) code generator or {LANG} client's mustache templates). Windows batch files can be found in .\bin\windows\.
- Filed the PR against the correct branch: master, 4.0.x. Default: master.
- Copied the technical committee to review the pull request if your PR is targeting a particular programming language.
Description of the PR
visionmedia/superagent 3.5.2 is vulnerable to ZIP bomb attacks. refs: NVD - CVE-2017-16129
It has been fixed in v3.7.0.
- Limit maximum response size. Prevents zip bombs (Kornel)
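
The mitigation named in the changelog line above, a cap on response size, sketched as an added example that is not part of this PR or of superagent's code. It uses Node's built-in `zlib` with `maxOutputLength`; `decodeBody`, `ResponseTooLargeError`, and the two limit names are hypothetical, and the payloads are constructed.

```javascript
const zlib = require('zlib');

// Hypothetical error type: records which limit was hit.
class ResponseTooLargeError extends Error {
  constructor(stage, limit) {
    super(`response exceeds ${limit} bytes (${stage})`);
    this.name = 'ResponseTooLargeError';
    this.stage = stage; // 'wire' = bytes received, 'decoded' = bytes after inflate
    this.limit = limit;
  }
}

// Decode a response body under two independent caps. A zip bomb is small on
// the wire, so the wire cap alone does not help; the decoded cap is the one
// that stops inflation before the full output is buffered.
function decodeBody(wire, contentEncoding, { maxWireBytes, maxDecodedBytes }) {
  if (wire.length > maxWireBytes) {
    throw new ResponseTooLargeError('wire', maxWireBytes);
  }
  const enc = (contentEncoding || 'identity').trim().toLowerCase();
  if (enc === 'identity') {
    if (wire.length > maxDecodedBytes) {
      throw new ResponseTooLargeError('decoded', maxDecodedBytes);
    }
    return wire;
  }
  const inflate = { gzip: zlib.gunzipSync, deflate: zlib.inflateSync }[enc];
  if (!inflate) throw new Error(`unsupported Content-Encoding: ${enc}`);
  try {
    // zlib aborts as soon as the output would pass maxOutputLength.
    return inflate(wire, { maxOutputLength: maxDecodedBytes });
  } catch (err) {
    if (err.code === 'ERR_BUFFER_TOO_LARGE') {
      throw new ResponseTooLargeError('decoded', maxDecodedBytes);
    }
    throw err; // corrupt stream etc. stays a distinct failure
  }
}

// Constructed inputs: a normal JSON body and 8 MiB of zeros (a few KiB gzipped).
const limits = { maxWireBytes: 64 * 1024, maxDecodedBytes: 1024 * 1024 };
const normal = zlib.gzipSync(Buffer.from('{"id":1,"name":"doggie"}'));
const inflated = zlib.gzipSync(Buffer.alloc(8 * 1024 * 1024));

console.log(decodeBody(normal, 'gzip', limits).toString());
try {
  decodeBody(inflated, 'gzip', limits);
} catch (err) {
  console.log(`${err.name}: ${err.message} (wire size ${inflated.length})`);
}
```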