这是indexloc提供的服务,不要输入任何密码
Skip to content

chore(deps): update dependency h11 to v0.16.0 [security] #163

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps): update dependency h11 to v0.16.0 [security] #163

wants to merge 1 commit into from

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Apr 25, 2025
edited
Loading

This PR contains the following updates:

Package Change Age Confidence
h11 ==0.14.0 -> ==0.16.0 age confidence

GitHub Vulnerability Alerts

CVE-2025-43859

Impact

A leniency in h11's parsing of line terminators in chunked-coding message bodies can lead to request smuggling vulnerabilities under certain conditions.

Details

HTTP/1.1 Chunked-Encoding bodies are formatted as a sequence of "chunks", each of which consists of:

  • chunk length
  • \r\n
  • length bytes of content
  • \r\n

In versions of h11 up to 0.14.0, h11 instead parsed them as:

  • chunk length
  • \r\n
  • length bytes of content
  • any two bytes

i.e. it did not validate that the trailing \r\n bytes were correct, and if you put 2 bytes of garbage there it would be accepted, instead of correctly rejecting the body as malformed.

By itself this is harmless. However, suppose you have a proxy or reverse-proxy that tries to analyze HTTP requests, and your proxy has a different bug in parsing Chunked-Encoding, acting as if the format is:

  • chunk length
  • \r\n
  • length bytes of content
  • more bytes of content, as many as it takes until you find a \r\n

For example, pound had this bug -- it can happen if an implementer uses a generic "read until end of line" helper to consumes the trailing \r\n.

In this case, h11 and your proxy may both accept the same stream of bytes, but interpret them differently. For example, consider the following HTTP request(s) (assume all line breaks are \r\n):

GET /one HTTP/1.1
Host: localhost
Transfer-Encoding: chunked

5
AAAAAXX2
45
0

GET /two HTTP/1.1
Host: localhost
Transfer-Encoding: chunked

0

Here h11 will interpret it as two requests, one with body AAAAA45 and one with an empty body, while our hypothetical buggy proxy will interpret it as a single request, with body AAAAXX20\r\n\r\nGET /two .... And any time two HTTP processors both accept the same string of bytes but interpret them differently, you have the conditions for a "request smuggling" attack. For example, if /two is a dangerous endpoint and the job of the reverse proxy is to stop requests from getting there, then an attacker could use a bytestream like the above to circumvent this protection.

Even worse, if our buggy reverse proxy receives two requests from different users:

GET /one HTTP/1.1
Host: localhost
Transfer-Encoding: chunked

5
AAAAAXX999
0

GET /two HTTP/1.1
Host: localhost
Cookie: SESSION_KEY=abcdef...

...it will consider the first request to be complete and valid, and send both on to the h11-based web server over the same socket. The server will then see the two concatenated requests, and interpret them as one request to /one whose body includes /two's session key, potentially allowing one user to steal another's credentials.

Patches

Fixed in h11 0.15.0.

Workarounds

Since exploitation requires the combination of buggy h11 with a buggy (reverse) proxy, fixing either component is sufficient to mitigate this issue.

Credits

Reported by Jeppe Bonde Weikop on 2025-01-09.

Release Notes

python-hyper/h11 (h11)

v0.16.0

Compare Source

v0.15.0

Compare Source

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@codesandbox
Copy link

codesandbox bot commented Apr 25, 2025

Review or Edit in CodeSandbox

Open the branch in Web EditorVS CodeInsiders

Open Preview

@bolt-new-by-stackblitz
Copy link

bolt-new-by-stackblitz bot commented Apr 25, 2025

Review PR in StackBlitz Codeflow Run & review this pull request in StackBlitz Codeflow.

@sourcery-ai
Copy link
Contributor

sourcery-ai bot commented Apr 25, 2025
edited
Loading

Reviewer's Guide by Sourcery

This pull request updates the h11 dependency from version 0.14.0 to 0.16.0 in both the ai-gateway and browser-agent applications. This update addresses CVE-2025-43859, a security vulnerability related to HTTP request smuggling due to lenient parsing of chunked-encoding.

Sequence diagram for HTTP Request Smuggling Vulnerability (h11 < 0.15.0)

sequenceDiagram
    participant Attacker
    participant BuggyProxy
    participant h11Server

    Attacker->>BuggyProxy: GET /one HTTP/1.1\nHost: localhost\nTransfer-Encoding: chunked\n\n5\nAAAAAXX2\n45\n0
    BuggyProxy->>h11Server: GET /one HTTP/1.1\nHost: localhost\nTransfer-Encoding: chunked\n\n5\nAAAAAXX2\n45\n0
    activate h11Server
    h11Server-->>Attacker: HTTP/1.1 200 OK (Request 1: /one with body AAAAA45)
    deactivate h11Server

    Attacker->>BuggyProxy: GET /two HTTP/1.1\nHost: localhost\nTransfer-Encoding: chunked\n\n0
    BuggyProxy->>h11Server: GET /two HTTP/1.1\nHost: localhost\nTransfer-Encoding: chunked\n\n0
    activate h11Server
    h11Server-->>Attacker: HTTP/1.1 200 OK (Request 2: /two with empty body)
    deactivate h11Server

    note over BuggyProxy, h11Server: h11 interprets as two requests, buggy proxy as one.
Loading

Sequence diagram for HTTP Request Handling (h11 >= 0.15.0)

sequenceDiagram
    participant Attacker
    participant Proxy
    participant h11Server

    Attacker->>Proxy: GET /one HTTP/1.1\nHost: localhost\nTransfer-Encoding: chunked\n\n5\nAAAAAXX2\n45\n0
    Proxy-->>Attacker: HTTP/1.1 400 Bad Request (Invalid Chunked Encoding)
    note over Proxy, h11Server: h11 now validates trailing \r\n bytes correctly.
Loading

File-Level Changes

Change Details Files
The h11 dependency was updated to address CVE-2025-43859, which involves a vulnerability related to lenient parsing of line terminators in chunked-coding message bodies.
  • Updated h11 dependency from version 0.14.0 to 0.16.0.
 apps/ai-gateway/requirements.txt
apps/browser-agent/requirements.txt
Tips and commands

Interacting with Sourcery

  • Trigger a new review: Comment @sourcery-ai review on the pull request.
  • Continue discussions: Reply directly to Sourcery's review comments.
  • Generate a GitHub issue from a review comment: Ask Sourcery to create an
    issue from a review comment by replying to it. You can also reply to a
    review comment with @sourcery-ai issue to create an issue from it.
  • Generate a pull request title: Write @sourcery-ai anywhere in the pull
    request title to generate a title at any time. You can also comment
    @sourcery-ai title on the pull request to (re-)generate the title at any time.
  • Generate a pull request summary: Write @sourcery-ai summary anywhere in
    the pull request body to generate a PR summary at any time exactly where you
    want it. You can also comment @sourcery-ai summary on the pull request to
    (re-)generate the summary at any time.
  • Generate reviewer's guide: Comment @sourcery-ai guide on the pull
    request to (re-)generate the reviewer's guide at any time.
  • Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
    pull request to resolve all Sourcery comments. Useful if you've already
    addressed all the comments and don't want to see them anymore.
  • Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
    request to dismiss all existing Sourcery reviews. Especially useful if you
    want to start fresh with a new review - don't forget to comment
    @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

  • Enable or disable review features such as the Sourcery-generated pull request
    summary, the reviewer's guide, and others.
  • Change the review language.
  • Add, remove or edit custom review instructions.
  • Adjust other review settings.

Getting Help

sourcery-ai[bot]
sourcery-ai bot reviewed Apr 25, 2025
View reviewed changes
Copy link
Contributor

@sourcery-ai sourcery-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We have skipped reviewing this pull request. Here's why:

  • It seems to have been created by a bot (hey, renovate[bot]!). We assume it knows what it's doing!
  • We don't review packaging changes - Let us know if you'd like us to change this.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sourcery-ai sourcery-ai[bot] sourcery-ai[bot] left review comments

Assignees

No one assigned

Labels

size/XS

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants