You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by kk...@apache.org on 2015/05/10 19:10:28 UTC
svn commit: r1678585 - /tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml
Author: kkolinko
Date: Sun May 10 17:10:28 2015
New Revision: 1678585
URL: http://svn.apache.org/r1678585
Log:
Add reference to CVE-2014-0230
Modified:
tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml
Modified: tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml?rev=1678585&r1=1678584&r2=1678585&view=diff
==============================================================================
--- tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml Sun May 10 17:10:28 2015
@@ -2577,6 +2577,7 @@
Improve configuration of cache sizes in the endpoint. (markt)
</fix>
<add>
+ Fix CVE-2014-0230:
Add a new limit, defaulting to 2MB, for the amount of data Tomcat will
swallow for an aborted upload. The limit is configurable by
<code>maxSwallowSize</code> attribute of an HTTP connector. (markt)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org