• last updated a few seconds ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
[BZ1861193] BZ1861194 additional payload length validation
    • -1
    • +1
    ./JBOSSWEB_7_5_31_FINAL_BZ-1861193/pom.xml
[BZ1861193] one off patch
    • -0
    • +178
    ./JBOSSWEB_7_5_31_FINAL_BZ-1861193/test/build.xml
    • -0
    • +12
    ./JBOSSWEB_7_5_31_FINAL_BZ-1861193/.classpath
  1. … 1177 more files in changeset.
BZ1861194 additional payload length validation.

Update version number for Web 7.5.31
BZ1806501: Add request attribute name filter for AJP

CVE-2020-1938 from Tomcat. Patch ported by Brad Maxwell.

[BZ1806500] BZ1806501 - Change AjpRequestParser to ignore unknown request attributes and add a new option ALLOWED_REQUEST_ATTRIBUTES_PATTERN
[BZ1806500] one off patch
    • -0
    • +143
    ./JBOSSWEB_7_5_30_FINAL_BZ-1806500/webapps/docs/config/loader.xml
  1. ./JBOSSWEB_7_5_30_FINAL_BZ-1806500/test/webapps/snoop
  2. … 1177 more files in changeset.
Web 7.5.30
BZ1608654: Add host name verfication for WebSocket client
BZ1625416: Add a fix for mixed parameters, similar to Tomcat 58545. Patch by Aaron Ogburn.
[BZ-1628717] commit fix
[BZ-1628717] create one-off branch
    • -0
    • +129
    ./JBOSSWEB_7_5_28_FINAL_BZ-1628717/src/main/java/org/apache/naming/NamingContextBindingsEnumeration.java
    • -0
    • +136
    ./JBOSSWEB_7_5_28_FINAL_BZ-1628717/webapps/docs/proxy-howto.xml
    • -0
    • +0
    ./JBOSSWEB_7_5_28_FINAL_BZ-1628717/webapps/ROOT/images/hdr_hdrtitle.gif
  1. … 1177 more files in changeset.
Web 7.5.29.
BZ1608656 - CVE-2018-1336: Fix overflow loop with UTF-8.
Web 7.5.28.
BZ1548975: Port Tomcat patch for CVE-2018-1304.
BZ1520539: Log all multi value headers. Submitted by Petr Jurak.
Web 7.5.27.
BZ1513302: Set DESx as MEDIUM. Patch submitted by Michal Babacek.
BZ1498331: Followup, some specific code for trailing / handling needed to be added.
Web 7.5.26.
BZ1498331: Port over new checks for CVE-2017-12615 and followups.
Web 7.5.25.
[BZ-1494661] merge one-off fix
[BZ-1494661] create one-off branch
  1. … 1177 more files in changeset.
[BZ-1493159] merge one-off fix
[BZ-1493159] create one-off branch
    • -0
    • +210
    ./JBOSSWEB_7_5_24_FINAL_BZ-1493159/webapps/docs/build.xml
    • -0
    • +324
    ./JBOSSWEB_7_5_24_FINAL_BZ-1493159/webapps/docs/funcspecs/fs-admin-opers.xml
  1. … 1177 more files in changeset.
[BZ-1491857] change HttpParser.requestTargetAllow to empty default
BZ1492870: Endpoint close has to be taken out of the sync to avoid a deadlock.
BZ1491857: Switch the default to the HTTP spec.