/[Apache-SVN]
ViewVC logotype

Revision 1767653

Jump to revision: Previous Next
Author: markt
Date: Wed Nov 2 12:18:08 2016 UTC (7 years, 8 months ago)
Changed paths: 9
Log Message: 
Add additional checks for valid characters to the HTTP request line
parsing so invalid request lines are rejected sooner.
This is the fix for CVE-2016-6816

Changed paths

Path Details
Directorytomcat/tc8.0.x/trunk/ modified , props changed
Directorytomcat/tc8.0.x/trunk/java/org/apache/coyote/http11/AbstractInputBuffer.java modified , text changed
Directorytomcat/tc8.0.x/trunk/java/org/apache/coyote/http11/AbstractNioInputBuffer.java modified , text changed
Directorytomcat/tc8.0.x/trunk/java/org/apache/coyote/http11/InternalAprInputBuffer.java modified , text changed
Directorytomcat/tc8.0.x/trunk/java/org/apache/coyote/http11/InternalInputBuffer.java modified , text changed
Directorytomcat/tc8.0.x/trunk/java/org/apache/coyote/http11/LocalStrings.properties modified , text changed
Directorytomcat/tc8.0.x/trunk/java/org/apache/tomcat/util/http/parser/HttpParser.java modified , text changed
Directorytomcat/tc8.0.x/trunk/test/org/apache/catalina/valves/rewrite/TestRewriteValve.java modified , text changed
Directorytomcat/tc8.0.x/trunk/webapps/docs/changelog.xml modified , text changed
infrastructure at apache.org
 ViewVC Help
Powered by ViewVC 1.1.26