Loading...

XML

Word

Printable

Type: Component Upgrade
Resolution: Done
Priority: Major
Fix Version/s: 25.0.0.Final
Affects Version/s: None
Component/s: None
Labels:
None

Git Pull Request:
https://github.com/wildfly/wildfly-core/pull/6073

Upgrade Undertow from 2.3.14.Final to 2.3.15.Final
Diff: https://github.com/undertow-io/undertow/compare/2.3.14.Final...2.3.15.Final

Release: https://issues.redhat.com/projects/UNDERTOW/versions/12429234

clones

WFCORE-6862 CVE-2024-6162 CVE-2024-27316 Upgrade Undertow to 2.3.14.Final

Resolved

incorporates

UNDERTOW-2418 Adjust properly session timeout also in case when FORM is combined with other mechanisms

Closed

UNDERTOW-2033 secure predicate unreliable with HTTP/2

Closed

UNDERTOW-2046 ProxyHandler passes hostname not IP in X-Forwarded-For

Closed

UNDERTOW-2343 Zero-Byte Response and Empty Response Code on Page Refresh with Wildfly 30 and Firefox

Closed

UNDERTOW-2357 HttpServer2 example does not handle jdk11?

Closed

UNDERTOW-2382 CVE-2024-3653 LearningPushHandler can lead to remote memory DoS attacks

Closed

UNDERTOW-2397 Handle Huffman encoding properly

Closed

UNDERTOW-2413 CVE-2024-5971 undertow: response write hangs in case of Java 17 TLSv1.3 NewSessionTicket

Closed

(4 incorporates)

Assignee:: Flavia Rainone

Reporter:: Flavia Rainone

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2024/07/16 3:19 PM

Updated:: 2024/10/19 6:32 AM

Resolved:: 2024/07/16 10:12 PM