Return-Path: Delivered-To: apmail-tomcat-dev-archive@www.apache.org Received: (qmail 43045 invoked from network); 22 Nov 2010 22:50:58 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 22 Nov 2010 22:50:58 -0000 Received: (qmail 7685 invoked by uid 500); 22 Nov 2010 22:51:29 -0000 Delivered-To: apmail-tomcat-dev-archive@tomcat.apache.org Received: (qmail 7623 invoked by uid 500); 22 Nov 2010 22:51:29 -0000 Mailing-List: contact dev-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Developers List" Delivered-To: mailing list dev@tomcat.apache.org Received: (qmail 7614 invoked by uid 99); 22 Nov 2010 22:51:29 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 22 Nov 2010 22:51:29 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 22 Nov 2010 22:51:27 +0000 Received: by eris.apache.org (Postfix, from userid 65534) id CB27923888E7; Mon, 22 Nov 2010 22:49:54 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1037927 - /tomcat/tc6.0.x/trunk/STATUS.txt Date: Mon, 22 Nov 2010 22:49:54 -0000 To: dev@tomcat.apache.org From: kkolinko@apache.org X-Mailer: svnmailer-1.0.8 Message-Id: <20101122224954.CB27923888E7@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: kkolinko Date: Mon Nov 22 22:49:54 2010 New Revision: 1037927 URL: http://svn.apache.org/viewvc?rev=1037927&view=rev Log: proposal Modified: tomcat/tc6.0.x/trunk/STATUS.txt Modified: tomcat/tc6.0.x/trunk/STATUS.txt URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1037927&r1=1037926&r2=1037927&view=diff ============================================================================== --- tomcat/tc6.0.x/trunk/STATUS.txt (original) +++ tomcat/tc6.0.x/trunk/STATUS.txt Mon Nov 22 22:49:54 2010 @@ -95,15 +95,19 @@ PATCHES PROPOSED TO BACKPORT: Note: Don't change return type for parseEndChunk(), just return true. +1: markt, kkolinko -1: + kkolinko: Only if accompanied by a patch that sets limit on the maximum + size of ChunkedInputFilter.trailingHeaders buffer. I am proposing such a + patch below. Otherwise it would be vulnerable to a DOS. kkolinko: Additional patch: http://svn.apache.org/viewvc?rev=1033842&view=rev +1: kkolinko, markt -1: - kkolinko: Maybe we can/should add a system property to allow to impose - a limit on the trailers length? Via ByteChunk.setLimit(). - + kkolinko: Patch to impose limit on the trailers length: + http://svn.apache.org/viewvc?rev=1037924&view=rev + +1: kkolinko + -1: * Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=50026 Force DefaultServlet to serve all resources relative to context root --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org For additional commands, e-mail: dev-help@tomcat.apache.org