/[Apache-SVN]
ViewVC logotype

Revision 1767653


Jump to revision: Previous Next
Author: markt
Date: Wed Nov 2 12:18:08 2016 UTC (8 years, 1 month ago)
Changed paths: 9
Log Message:
Add additional checks for valid characters to the HTTP request line
parsing so invalid request lines are rejected sooner.
This is the fix for CVE-2016-6816

Changed paths

Path Details
Directorytomcat/tc8.0.x/trunk/ modified , props changed
Directorytomcat/tc8.0.x/trunk/java/org/apache/coyote/http11/AbstractInputBuffer.java modified , text changed
Directorytomcat/tc8.0.x/trunk/java/org/apache/coyote/http11/AbstractNioInputBuffer.java modified , text changed
Directorytomcat/tc8.0.x/trunk/java/org/apache/coyote/http11/InternalAprInputBuffer.java modified , text changed
Directorytomcat/tc8.0.x/trunk/java/org/apache/coyote/http11/InternalInputBuffer.java modified , text changed
Directorytomcat/tc8.0.x/trunk/java/org/apache/coyote/http11/LocalStrings.properties modified , text changed
Directorytomcat/tc8.0.x/trunk/java/org/apache/tomcat/util/http/parser/HttpParser.java modified , text changed
Directorytomcat/tc8.0.x/trunk/test/org/apache/catalina/valves/rewrite/TestRewriteValve.java modified , text changed
Directorytomcat/tc8.0.x/trunk/webapps/docs/changelog.xml modified , text changed

infrastructure at apache.org
ViewVC Help
Powered by ViewVC 1.1.26