• last updated a few seconds ago
Constraints: committers
Constraints: files
Constraints: dates
CVE-2014-0227 backport
[JBWEB-311] make JspConfig.init thread safe
CVE-2014-0099 backport
CVE-2014-0096 & CVE-2014-0119 backports
Merge CVE-2014-0075 to 2.1.x
JBWEB-293: Add submitted patch for NPE.
New 2.1.16 build.
    • -1
    • +1
Port fix for CVE-2013-4286 (BZ 1074417).
Web 2.1.15.

    • -2
    • +2
Fix for JBPAPP-10023.

JBPAPP-10895 - JBossWeb memory leak with using SSL + Java security manager

[JBWEB-284] backport fix for PageContextImpl IllegalStateException
[JBWEB-278] backport from AS7-3834: fix unlockAccept shutdown hang
Fix IPvhosts by recycling localName (should be ok on 2.0 and 2.1 though).
Add missing changelog for r2210.

Start 2.1.14.GA

Fix minor XSS issue with Bayeux; probably not actually used.
Backport JBWEB-258 for better, more unique DigestAuthenticator nonces.

Fix for JBPAPP-9398.

Oops test code...

Make sure all the strings are reset (thank Kyle Lape).

[JBWEB-257] backporting fix from 7.2.x branch
Port patches to active branches.
  1. … 26 more files in changeset.
Fix regression of JBPAPP-6382.

[00591692] Port of "r1355" for JBPAPP-6382 bug introduced ?

See ASF https://issues.apache.org/bugzilla/show_bug.cgi?id=48627

Fix the maven/nexus new requirements.

    • -0
    • +22
    • -0
    • +19
    • -0
    • +19
    • -0
    • +19
Oops java6 ?

Arrange the multicast logic:

the tests were failing on hpux.

Remove the Http11NioProtocol that we don't support.