Loading...

XML

Word

Printable

Type: Component Upgrade
Resolution: Done
Priority: Blocker
Fix Version/s: 30.0.0.Final
Affects Version/s: None
Component/s: None
Labels:
None

Git Pull Request:
https://github.com/wildfly/wildfly-core/pull/6538

Upgrade Undertow from 2.3.18.Final to 2.3.20.Final
Diff: https://github.com/undertow-io/undertow/compare/2.3.18.Final...2.3.20.Final

Release: https://issues.redhat.com/projects/UNDERTOW/versions/12468257

Full list of Jiras:

duplicates

WFCORE-7375 Upgrade Undertow from 2.3.18.Final to 2.3.20.Final (resolves CVE-2024-4109, CVE-2025-9784)

Resolved

incorporates

UNDERTOW-2574 BufferLeak on AbstractFramedChannel.allocateReferenceCountedBuffer

Closed

UNDERTOW-2608 Undertow Servlet 2.3.19 fails SecurityManager checks

Closed

UNDERTOW-2235 Properly handle non servlet methods dispatched as error into container

Closed

UNDERTOW-2340 RequestEncodingHandler does not update Content-Length after uncompressing

Closed

UNDERTOW-2361 Deflate request body support (content-encoding in request) does not work as expected

Closed

UNDERTOW-2511 CVE-2024-4109 undertow: information leakage via HTTP/2 request header reuse

Closed

UNDERTOW-2519 ProxyHandler uses encoded query string

Closed

UNDERTOW-2532 Websocket Session NPE

Closed

UNDERTOW-2555 AJP Redirect with unescaped characters in URL is not encoded

Closed

UNDERTOW-2565 HTTP2 sets exchange.queryString unencoded with allow unescaped characters in URL

Closed

UNDERTOW-2566 HttpRequestParser.handleQueryParameters can set an encoded query string

Closed

UNDERTOW-2567 Decoding of query strings with unescaped characters does not work in HTTP2 upgrade

Closed

UNDERTOW-2573 MultiParseParserDefinition can overwrite entity size in exchange request

Closed

WFLY-15829 JBWEB004248 causes empty reply

Coding In Progress

UNDERTOW-2556 Make sure max-post-size check for a request with a content-length is done before any response is sent from the server

Closed

(11 incorporates)

Assignee:: Flavia Rainone

Reporter:: Flavia Rainone

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2025/10/10 5:58 AM

Updated:: 2025/10/10 6:30 PM

Resolved:: 2025/10/10 6:30 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates

Hide