Last Modified: Nov 07, 2022
Affected Product:
See more info
BIG-IP LTM
Known Affected Versions:
11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.6.1, 11.6.1 HF1, 11.6.1 HF2, 11.6.2, 11.6.2 HF1, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4, 11.6.5, 11.6.5.1, 11.6.5.2, 11.6.5.3
Opened: May 31, 2019
Severity: 3-Major
When the HTTP profile is configured with the Rechunk setting, and the payload is compressed, the HTTP compression profile may refuse to decompress the content if, during decompression, the uncompressed payload size would exceed the defined threshold.
A connection is reset due to an error, and a response is not served.
-- A virtual server is configured with an HTTP profile, specifying the recheck setting for response-chunking. -- Profile http-compression is also attached to the virtual server. -- A server provides a compressed response with a 'Transfer-Encoding: gzip' header. -- The compressed ratio of the uncompressed-to-compressed payload size exceeds the predefined threshold.
Adjust threshold and maximum allowed size in MBytes to allow a rejected response to pass the BIG-IP system using DB variables: compression.zlibinflateratio.threshold compression.zlibbombsensitivity.sizemb
None
