Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: 2.2.25.SP1, 2.2.26.SP1, 2.3.8.SP1, 2.2.27.SP1, 2.3.9.SP1, 2.3.10.SP1, 2.2.30.SP1, 2.3.11.SP1, 2.3.12.Final, 2.2.31.Final
Affects Version/s: None
Component/s: None
Labels:
None

Git Pull Request:
https://gitlab.cee.redhat.com/undertow-io/undertow/-/merge_requests/75, https://gitlab.cee.redhat.com/undertow-io/undertow/-/commit/7b5e7c47c45eb557e0c47b323213e4356490f906, https://gitlab.cee.redhat.com/undertow-io/undertow/-/commit/fe83cbff4b7fdead78f19d1ee987a24a21257db1, https://gitlab.cee.redhat.com/undertow-io/undertow/-/commit/240f6f0e89c24b531fdb22a28ac16e9e0a7f1665, https://gitlab.cee.redhat.com/undertow-io/undertow/-/commit/e933395d3eb65412fe5bed77dd29ae3bb875ea04, https://github.com/undertow-io/undertow/pull/1555, https://github.com/undertow-io/undertow/pull/1559

When an AJP request is sent that exceeds the max-header-size attribute in ajp-listener, JBoss EAP is marked as an error state by mod_cluster in httpd. The problem is that requests exceeding the max-header-size cause JBoss EAP to close the TCP connection without returning an AJP response.

is incorporated by

WFCORE-6709 CVE-2023-5379 CVE-2024-1459 CVE-2024-1635 Upgrade Undertow to 2.3.12.Final

Resolved

Assignee:: Flavia Rainone

Reporter:: Flavia Rainone

Involved:: Bartosz Baranowski, Brad Maxwell, Masafumi Miura, Norito Agetsuma, Parul Sharma, Richard Opalka, Stefano Maestri, Stuart Douglas, Tom Jenkinson

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2023/06/08 4:20 AM

Updated:: 2024/04/18 9:42 PM

Resolved:: 2023/06/08 5:17 AM

Details

Description

Attachments

Issue Links

Activity

People

Dates

Hide