-
Bug
-
Resolution: Won't Do
-
Major
-
None
-
24.0.0.Final
-
---
-
---
Hi Team,
Currently, we using the Wildfly-24 application server with the default undertow-core as 2.2.8.
Due to the exploitation of CVE-2023-1108, we wanted to upgrade undertow to the patched version 2.3.5/2.3.10 which has the fix.
Upgrading the overall Wildfly Application Server to a higher version [29/30] is time-consuming so that's not a solution for a quick workaround.
The ask would be :
- Can undertow-core only be upgraded in the wildfly suite?
- Is 2.3.5/2.3.10 supported in Wildfly-24?
Also, wanted to check if there is any plan to provide a new docker image with the fix for wildfly-24 versions