Improve the inflate method to prevent potential DoS vulnerability in Zlib::Inflate#779
Merged
Improve the inflate method to prevent potential DoS vulnerability in Zlib::Inflate#779
Conversation
…vulnerability in Zlib::Inflate by limiting the maximum decompressed size. The data is now inflated in chunks.
pitbulk
changed the title
…tibility with old versions
benjaminwols
added a commit
to ansdelft/ruby-saml
that referenced
this pull request
Feb 17, 2026
* Check message bytesize before Base64 validation * Adapt tests to be able to execute signature validation sooner * CI/CD: Update ubuntu version * Add Ruby 3.4 to the CI * Exclude Ubuntu-22.04 Ruby 2.2 from CI as it raises RubyGem/Bundler issues * Release 1.18.1 * Update Changelog * Fix several typos on the documentation and code. Add to the README how to force SP-Initiate flow and Prevent Reply Attacks * Improve the inflate method to prevent potential DoS vulnerability in Zlib::Inflate (SAML-Toolkits#779) Improve the inflate method. Prevent potential DoS vulnerability in Zlib::Inflate by limiting the maximum decompressed size. The data is now inflated in chunks. * Add sponsors: Github, SerpApi * Add warning about CVE-2025-66567 and CVE-2025-66568 CVE-2025-66567 and CVE-2025-66568 affects ruby-saml <= 1.12.4. Use ruby-saml 1.18.1 instead. * Revise vulnerability notice for ruby-saml Updated vulnerability notice to reflect affected versions. * Fix wrong link --------- Co-authored-by: Drew Blessing <[email protected]> Co-authored-by: Sixto Martin <[email protected]> Co-authored-by: Sixto Martin <[email protected]> Co-authored-by: Sixto Martin <[email protected]>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Improve the inflate method: Prevent potential DoS vulnerability in Zlib::Inflate by limiting the maximum decompressed size. The data is now inflated in chunks.