• last updated a few seconds ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates

Changeset {id} does not exist.

[BZ1861193] BZ1861194 additional payload length validation
[BZ1861193] one off patch
  1. /branches/JBOSSWEB_7_5_31_FINAL_BZ-1861193
  2. … 1177 more files in changeset.
BZ1861194 additional payload length validation.

Web 7.5.31
Update version number for Web 7.5.31
BZ1806501: Add request attribute name filter for AJP

CVE-2020-1938 from Tomcat. Patch ported by Brad Maxwell.

[BZ1806500] BZ1806501 - Change AjpRequestParser to ignore unknown request attributes and add a new option ALLOWED_REQUEST_ATTRIBUTES_PATTERN
[BZ1806500] one off patch
  1. /branches/JBOSSWEB_7_5_30_FINAL_BZ-1806500
  2. … 1177 more files in changeset.
[BZ1806500] moving patch to branches
[BZ1806500] one off patch
Web 7.5.30
Web 7.5.30
BZ1608654: Add host name verfication for WebSocket client
BZ1625416: Add a fix for mixed parameters, similar to Tomcat 58545. Patch by Aaron Ogburn.
[BZ-1628717] commit fix
[BZ-1628717] create one-off branch
  1. /branches/JBOSSWEB_7_5_28_FINAL_BZ-1628717
  2. … 1177 more files in changeset.
Web 7.5.29.
Web 7.5.29.
BZ1608656 - CVE-2018-1336: Fix overflow loop with UTF-8.
Web 7.5.28.
Web 7.5.28.
BZ1548975: Port Tomcat patch for CVE-2018-1304.
BZ1520539: Log all multi value headers. Submitted by Petr Jurak.
Web 7.5.27.
Web 7.5.27.
BZ1513302: Set DESx as MEDIUM. Patch submitted by Michal Babacek.
BZ1498331: Followup, some specific code for trailing / handling needed to be added.
Web 7.5.26.
Web 7.5.26.
BZ1498331: Port over new checks for CVE-2017-12615 and followups.