Loading...

XML

Word

Printable

Type: Component Upgrade
Resolution: Done
Priority: Major
Fix Version/s: 23.0.3.Final, 24.0.0.Beta2, 24.0.0.Final
Affects Version/s: None
Component/s: None
Labels:
None

Git Pull Request:
https://github.com/wildfly/wildfly-core/pull/5875, https://github.com/wildfly/wildfly-core/pull/5876

Upgrade Undertow from 2.3.11.Final to 2.3.12.Final
Diff: https://github.com/undertow-io/undertow/compare/2.3.11.Final...2.3.12.Final

Release: https://issues.redhat.com/projects/UNDERTOW/versions/12423139

Full list of Jiras: https://issues.redhat.com/issues/?jql=project%20=%2012312521%20AND%20fixVersion%20=%2012423139%20ORDER%20BY%20priority%20DESC,%20key%20ASC

clones

WFCORE-6708 CVE-2024-1635 Upgrade JBoss Remoting to 5.0.28.Final

Resolved

incorporates

UNDERTOW-2336 CVE-2024-1635 At Http upgrade to remoting, WriteTimeoutStreamSinkConduit leaks connections if RemotingConnection is closed by Remoting ServerConnectionOpenListener

Closed

UNDERTOW-2280 CVE-2023-5379 AJP request which exceed max-header-size cause JBoss EAP to be marked as error status in httpd as a reverse-proxy

Closed

UNDERTOW-2345 ClientEndpointConfig stored SSLContext is ignored by Undertow implementation

Closed

UNDERTOW-2339 CVE-2024-1459 Directory traversal vulnerability when accessed via proxy

Closed

Assignee:: Flavia Rainone

Reporter:: Flavia Rainone

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2024/02/21 6:29 AM

Updated:: 2024/04/25 4:56 PM

Resolved:: 2024/02/22 8:58 AM

Details

Description

Attachments

Issue Links

Activity

People

Dates