You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: CHANGELOG.md
+2-2Lines changed: 2 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,9 +1,9 @@
1
1
## Unreleased
2
2
3
-
:warning: This release introduces a 32MB hard limit on decoded snappy payloads to prevent potential OOM attacks. Requests with decoded payloads exceeding this limit will be rejected with HTTP 400 status code. See #1917 for details. :warning:
4
3
5
-
*[BUGFIX]exp/api: Reject malformed snappy payloads declaring huge decoded sizes. Enforce a 32MB decoded-size limit to prevent OOM from oversized remote-write requests. #1917.
4
+
## Unreleased `exp` module
6
5
6
+
*[BUGFIX] exp/api: Reject malformed snappy payloads declaring huge decoded sizes. Enforce a 32MB decoded-size limit to prevent OOM from oversized remote-write requests. #1917.
7
7
## 1.23.2 / 2025-09-05
8
8
9
9
This release is made to upgrade to prometheus/common v0.66.1, which drops the dependencies github.com/grafana/regexp and go.uber.org/atomic and replaces gopkg.in/yaml.v2 with go.yaml.in/yaml/v2 (a drop-in replacement).
0 commit comments