Overview
Request 99252 accepted
- fix bnc#727543 - VUL-0: Apache tomcat vulnerable to hash collision attack
backport upstream changes:
* generic CSRF protection layer (to have FilterBase needed for
FailedRequestFilter)
http://svn.apache.org/viewvc?view=revision&revision=1030547
* add getCharset method for B2Converter
http://svn.apache.org/viewvc?view=revision&revision=1140904
* add isConfigProblemFatal method
http://svn.apache.org/viewvc?view=revision&revision=1199122
* GET POST parameter processing performance. Adds maximum number of
parameters per request (defaults to 10000) and new FailedRequestFilter for
rejecting requests with excessive number of parameters
http://svn.apache.org/viewvc?view=revision&revision=1200601
- fix bnc#712784 - tomcat6: add missing Requires on java >= 1.6.0
* add recommends on java >= 1.6.0 and java-devel >= 1.6.0
- with CSRF protection layer manager and host-manager now supports
new roles, see
* /srv/tomcat6/webapps/docs/manager-howto.html
* /srv/tomcat6/webapps/manager/WEB-INF/web.xml
* /srv/tomcat6/webapps/host-manager/WEB-INF/web.xml
Request History
mvyskocil created request
- fix bnc#727543 - VUL-0: Apache tomcat vulnerable to hash collision attack
backport upstream changes:
* generic CSRF protection layer (to have FilterBase needed for
FailedRequestFilter)
http://svn.apache.org/viewvc?view=revision&revision=1030547
* add getCharset method for B2Converter
http://svn.apache.org/viewvc?view=revision&revision=1140904
* add isConfigProblemFatal method
http://svn.apache.org/viewvc?view=revision&revision=1199122
* GET POST parameter processing performance. Adds maximum number of
parameters per request (defaults to 10000) and new FailedRequestFilter for
rejecting requests with excessive number of parameters
http://svn.apache.org/viewvc?view=revision&revision=1200601
- fix bnc#712784 - tomcat6: add missing Requires on java >= 1.6.0
* add recommends on java >= 1.6.0 and java-devel >= 1.6.0
- with CSRF protection layer manager and host-manager now supports
new roles, see
* /srv/tomcat6/webapps/docs/manager-howto.html
* /srv/tomcat6/webapps/manager/WEB-INF/web.xml
* /srv/tomcat6/webapps/host-manager/WEB-INF/web.xml
oertel accepted request
Accepted submit request 99252 from user mvyskocil