CVE-2022-3456 Allocating resources without limits or throttling in a GitHub repository prior to 2.5.0.
In most cases, GitHub will automatically throttle the read/write speed of your repos to avoid overloading the system. If you would like to disable this feature, you can do so by setting up rdiff to use a custom read-ahead buffer size. We recommend setting this value to at least 1MB. For example, to enable read-ahead of 2MB, you would set the following setting in your repository's settings: -Xms256m
In order to prevent your code from slowing down due to heavy traffic, it is a good idea to set up rdiff to use a custom read-ahead buffer size. We recommend setting this value to at least 1MB. For example, to enable read-ahead of 2MB, you would set the following setting in your repository's settings: -Xms256m
Configure rdiff on your CI server
The default read-ahead buffer size in rdiff is 256MB. If you have a large repo, this may be too low.
Check the status of your repositories
You can check the status of your repositories by visiting:
https://status.github.com/
If you have enabled rdiff, you should also see a related message in the bottom left of the status page.
What is Read-Ahead?
When a repository is read-ahead, the system will buffer data in memory and send it to the client as soon as it is needed. This prevents reads from hitting disk and incurring unnecessary network latency when your repo is accessed.
Timeline
Published on: 10/13/2022 20:15:00 UTC
Last modified on: 10/14/2022 09:18:00 UTC