Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[UNDERTOW-2207][UNDERTOW-2212][UNDERTOW-2239][UNDERTOW-2252] 2.2.x backport bug fixes #1457

Merged
merged 5 commits into from
Mar 30, 2023
Merged

[UNDERTOW-2207][UNDERTOW-2212][UNDERTOW-2239][UNDERTOW-2252] 2.2.x backport bug fixes #1457

merged 5 commits into from
Mar 30, 2023

Commits on Mar 26, 2023

  1. UNDERTOW-2207: UndertowOutputStream allows flush after writes 

    Previously, setting Content-Length would auto-close the stream
in such a way that a flush after the final write would throw
an IOException due to internal self-closure.
    @carterkozak @fl4via
    carterkozak authored and fl4via committed Mar 26, 2023
    Configuration menu
    Copy the full SHA
    fdaaa3b View commit details
    Browse the repository at this point in the history

  2. [UNDERTOW-2212] CVE-2022-4492 Server identity in https connection is … 

    …not checked by the undertow client

Signed-off-by: Flavia Rainone <frainone@redhat.com>
    @rmartinc @fl4via
    rmartinc authored and fl4via committed Mar 26, 2023
    Configuration menu
    Copy the full SHA
    a4d3b16 View commit details
    Browse the repository at this point in the history

  3. [UNDERTOW-2212] At the HttpClientTestCase.testSslServerIdentity test,… 

    … do not enforce the exception to be of type ClosedChannelException (see UNDERTOW-2249).

Signed-off-by: Flavia Rainone <frainone@redhat.com>
    @fl4via
    fl4via committed Mar 26, 2023
    Configuration menu
    Copy the full SHA
    a511cb5 View commit details
    Browse the repository at this point in the history

  4. [UNDERTOW-2239] CVE-2023-1108 At SslConduit.wrapAndFlip, do not attem… 

    …pt to wrap if engine.isInboundDone()

Signed-off-by: Flavia Rainone <frainone@redhat.com>
    @fl4via
    fl4via committed Mar 26, 2023
    Configuration menu
    Copy the full SHA
    1302c8c View commit details
    Browse the repository at this point in the history

  5. [UNDERTOW-2252] Potential fix for the SslConduit.dataToUnwrap buffer … 

    …leak

Signed-off-by: Flavia Rainone <frainone@redhat.com>
    @fl4via
    fl4via committed Mar 26, 2023
    Configuration menu
    Copy the full SHA
    f0a0f24 View commit details
    Browse the repository at this point in the history