• last updated a few seconds ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
[JBWEB-300] synchronize JSSESupport keySizeCache access
[JBWEB-300] synchronize JSSESupport keySizeCache access
New 7.4.4 web build.
New 7.4.4 web build.
Port CVE-2014-0075: Avoid overflow and use bit shift instead.
Port fixes for CVE-2014-0119 (low) and CVE-2014-0096: Issue using global XSLT in the default servlet (not used in EAP), and leak issue using XML parsing in Jasper.
Port patch for CVE-2014-0099: Fix possible overflow when parsing long values from a byte array.
New 7.4.3 web build.
New web build.
Flip the default (no change besides that).
Port Tomcat patch: catch possible ISE on write for clean handling.
- Rather than just reverting again, add a system property. The default is what it was before reverting it.

- Either way passes the TCK for me.

Revert r2418 (useless extra sync).
Revert again. Besides cosmetics when using a closed session during the event processing, it doesn't cause any actual issues, but it could have side effects.
Sync process with event as some random behavior is still reported.
BZ1086399: Tentative plumbing for CDI support, submitted by Stuart Douglas.
BZ1100486: Try again, make sure there's no keepalive after an upgraded connection processing.
BZ1100486: Try to resolve a discrepancy with Tomcat's behavior, since in the websocket implementation nothing will actually close the connection, only the streams will be closed (where they just close the socket). So try the usual close.
Sync with Tomcat's websockets update: improve executor handling.
BZ1078204: Support OpenSSL syntax for ciphers, and change the default cipher suite. Submitted by Emmanuel Hugonnet.
BZ1097763: Identify apparently missing code in non blocking mode to make sure the data can fit in the buffer, so possible fix.
[BZ-1093718] commit merged fix
[BZ-1093718] create one-off branch
  1. /branches/JBOSSWEB_7_2_2_FINAL_BZ-1093718
  2. … 1011 more files in changeset.
New web build.
New web build.
Add null check (for a support case).
BZ1091849: Switch back the default connector to java.io.
BZ1090103: NIO2 needs a sync to avoid event concurrency as there's no guarantee they will go through the poller.
[BZ-1086847] commit CVE-2013-4286 fix