• last updated a few seconds ago
Constraints: committers
Constraints: files
Constraints: dates
Fix IPvhosts by recycling localName (should be ok on 2.0 and 2.1 though).
Port patches to active branches.
  1. … 26 more files in changeset.
Control value addition to number of parameter.

JBWEB-220: Add missing max parameters check.
Port r1858 from trunk.

Fix CVE-2011-2204.

Prevent user passwords appearing in log files if a runtime exception (e.g. OOME) occurs while creating a new user for a MemoryUserDatabase via JMX.

Port DIGEST improvements. (r1848)

Fix for CVE-2011-2526.

- Filter out multibyte chars when writing a char chunk.
Arrange the patch we had long ago for a customer case.

- Port fix for JBWEB-188.
- Improve use of the encoder and decoder maps.
Fix CVE-2010-1622.

Fix for CVE-2011-0013.

- Fix setting the read only attribute, the type was not right.
- Filter out invalid locale header.
[JBWEB-119] After repeated authentication tomcat again sends page with login form instead of protected static resource

Add thread name logging pattern to AccessLogValve capabilities for [JBPAPP-5512].
Allow extra response headers to be sent with a custom error page for [JBPAPP-5559].
Fix for JBPAPP-5293.

Fix Concurrent access to WeakHashMap in ConcurrentCache causing infinite loop and 100% CPU for [JBPAPP-5342].
Backport Tomcat Bug 42530: ManagerBase.backgroundProcess throws NullPointerException for [JBPAPP-4909].
Fix for JBPAPP-4911.

Fix session attribute NullPointerException for [JBPAPP-4890].
Add null checks for [JBPAPP-4789].
Fix Jasper duplicate variable names for [JBPAPP-4547].
- Fix possible NPE.

- Don't recycle buffered filter to save memory (only used in complex SSL operations).

Fix issue retrieving request parameters for POSTs with transfer-encoding: chunked for [JBPAPP-4485].
Add sslSessionCacheSize and sslSessionTimeout attributes to the HTTP Connector to control the ssl session maximum size and timeout for [JBPAPP-4498].