You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@servicecomb.apache.org by GitBox <gi...@apache.org> on 2021/04/02 06:49:31 UTC

[GitHub] [servicecomb-java-chassis] fu-hui commented on issue #2299: Netty漏洞 CVE-2021-21295

fu-hui commented on issue #2299:
URL: https://github.com/apache/servicecomb-java-chassis/issues/2299#issuecomment-812355506


   
   io.vertx.core.http.impl.headers.VertxHttpHeaders#set(java.lang.CharSequence, java.lang.Object)
   
   VertX在使用4.1.60+Netty的时候Http报文解析流程变化了，才调用到如上函数。一个简单的解决方案是，对当前Vertx打个补丁，将VertxHttpHeaders#set、VertxHttpHeaders#add方法后面的Object对象先 toString一下。


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org