qingdaoheze commented on PR #868:
URL: https://github.com/apache/tomcat/pull/868#issuecomment-2976145027
https://github.com/user-attachments/assets/f15d8b35-a570-4bf3-a5be-325404a9d409";
/>
@rmaucher When the org.apache.coyote.Request pool is used, its
org.apache.coyote.Request#reqPr
https://bz.apache.org/bugzilla/show_bug.cgi?id=69710
--- Comment #13 from Remy Maucherat ---
The previous defaults were there without doing the math (and even more often
new features were added on top of the existing defaults), so when you multiply
everything it gets out of hand.
Obviously mitig
This is an automated email from the ASF dual-hosted git repository.
jfclere pushed a change to branch jfclere-patch-1
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
at 5d2fd2249 remove forgotten ref: trunk element.
This branch includes the following new commits:
This is an automated email from the ASF dual-hosted git repository.
jfclere pushed a commit to branch jfclere-patch-1
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
commit 5d2fd22497ad313bf395c69209c6057124885f72
Author: Jean-Frederic Clere
AuthorDate: Mon Jun 16 16:47:37 20
jfclere opened a new pull request, #29:
URL: https://github.com/apache/tomcat-native/pull/29
Sorry I forgot to remove it in my previous PR.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the spe
jfclere closed pull request #3: scripts, maven pom.xml and class to help to
load libraries from a jar
URL: https://github.com/apache/tomcat-native/pull/3
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go
Author: markt
Date: Mon Jun 16 13:57:16 2025
New Revision: 1926475
URL: http://svn.apache.org/viewvc?rev=1926475&view=rev
Log:
Add CVE-2025-48976, -48988, -49124, -49125
Modified:
tomcat/site/trunk/docs/security-10.html
tomcat/site/trunk/docs/security-11.html
tomcat/site/trunk/docs/se
This is an automated email from the ASF dual-hosted git repository.
jfclere pushed a change to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
from 82c308fd4 Add note about needing a C compiler and autoconf/automake
add e9186c302 Add a build test for wind
jfclere merged PR #26:
URL: https://github.com/apache/tomcat-native/pull/26
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apach
This is an automated email from the ASF dual-hosted git repository.
jfclere pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
commit c1dc845431a4134a0fb714285fa46fdebf6b8ca2
Merge: 82c308fd4 e9186c302
Author: Jean-Frederic Clere
AuthorDate: Mon Ju
CVE-2025-48976 Apache Tomcat - DoS in Commons FileUpload
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
Apache Tomcat 11.0.0-M1 to 11.0.7
Apache Tomcat 10.1.0-M1 to 10.1.41
Apache Tomcat 9.0.0.M1 to 9.0.105
Description:
Apache Commons FileUpload provided a hard-c
CVE-2025-48988 Apache Tomcat - DoS in multipart upload
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
Apache Tomcat 11.0.0-M1 to 11.0.7
Apache Tomcat 10.1.0-M1 to 10.1.41
Apache Tomcat 9.0.0.M1 to 9.0.105
Description:
Tomcat used the same limit for both request p
CVE-2025-49124 Apache Tomcat - Side-loading via Tomcat installer for Windows
Severity: Low
Vendor: The Apache Software Foundation
Versions Affected:
Apache Tomcat 11.0.0-M1 to 11.0.7
Apache Tomcat 10.1.0 to 10.1.41
Apache Tomcat 9.0.23 to 9.0.105
Description:
During installation, the Tomcat in
CVE-2025-49125 Apache Tomcat - Security constraint bypass for
pre/post-resources
Severity: Moderate
Vendor: The Apache Software Foundation
Versions Affected:
Apache Tomcat 11.0.0-M1 to 11.0.7
Apache Tomcat 10.1.0-M1 to 10.1.41
Apache Tomcat 9.0.0.M1 to 9.0.105
Description:
When using PreResou
https://bz.apache.org/bugzilla/show_bug.cgi?id=69710
Mark Thomas changed:
What|Removed |Added
Resolution|WONTFIX |---
Status|RESOLVED
rmaucher commented on PR #868:
URL: https://github.com/apache/tomcat/pull/868#issuecomment-2976593193
> HTTP/2 is handled differently because of the multiplexing. We probably do
need a `recycle()` method on `RequestInfo`. It looks like it should be called
around line 440 (current 9.0.x code
jfclere opened a new pull request, #28:
URL: https://github.com/apache/tomcat-native/pull/28
make native/WIN7_X64_DLL_RELEASE\tcnative-2.dll available for tests.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL
qingdaoheze commented on PR #868:
URL: https://github.com/apache/tomcat/pull/868#issuecomment-2978822957
> HTTP/2 is handled differently because of the multiplexing. We probably do
need a `recycle()` method on `RequestInfo`. It looks like it should be called
around line 440 (current 9.0.x c
18 matches
Mail list logo
