search

projectnessie / nessie

Nessie: Transactional Catalog for Data Lakes with Git-like semantics
https://projectnessie.org
Apache License 2.0
989 stars 130 forks source link

Update undertow #8876

Closed renovate[bot] closed 3 months ago

renovate[bot] commented 3 months ago

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
io.undertow:undertow-servlet (source) 2.2.28.Final -> 2.3.14.Final age adoption passing confidence
io.undertow:undertow-core (source) 2.2.28.Final -> 2.3.13.Final age adoption passing confidence

Release Notes

undertow-io/undertow (io.undertow:undertow-servlet) ### [`v2.3.14.Final`](https://togithub.com/undertow-io/undertow/releases/tag/2.3.14.Final) [Compare Source](https://togithub.com/undertow-io/undertow/compare/2.3.13.Final...2.3.14.Final) Includes CVES: CVE-2024-6162 CVE-2024-27316 CVE-2023-5685 ``` Release Notes - Undertow - Version 2.3.14.Final ```

Sub-task

  • [UNDERTOW-2400] - ResponseWriterTestCase fails because ServletinputStream is closed before read

Bug

  • [UNDERTOW-2332] - CachingResource mishandling with TTL =0 and FS exhaustion
  • [UNDERTOW-2334] - CVE-2024-6162 url-encoded request path information can be broken on ajp-listener
  • [UNDERTOW-2378] - Adjust properly session timeout also in case when custom auth mechanisms are used
  • [UNDERTOW-2383] - Canonicalized query string in redirect location can break included links
  • [UNDERTOW-2385] - Memory leak in ThreadLocalCache
  • [UNDERTOW-2389] - DefaultByteBufferPool leaks buffers for released threads
  • [UNDERTOW-2405] - CVE-2024-27316 HTTP-2: httpd: CONTINUATION frames DoS
  • [UNDERTOW-2407] - NullPointerException on DefaultByteBufferPool.close
  • [UNDERTOW-2409] - Adjust properly session timeout also in case when GET requests with custom auth mechanisms are used

Component Upgrade

Enhancement

  • [UNDERTOW-2408] - Make fields final in DefaultByteBufferPool when appliable
### [`v2.3.13.Final`](https://togithub.com/undertow-io/undertow/compare/2.3.12.Final...2.3.13.Final) [Compare Source](https://togithub.com/undertow-io/undertow/compare/2.3.12.Final...2.3.13.Final) ### [`v2.3.12.Final`](https://togithub.com/undertow-io/undertow/compare/2.3.11.Final...2.3.12.Final) [Compare Source](https://togithub.com/undertow-io/undertow/compare/2.3.11.Final...2.3.12.Final) ### [`v2.3.11.Final`](https://togithub.com/undertow-io/undertow/compare/2.3.10.Final...2.3.11.Final) [Compare Source](https://togithub.com/undertow-io/undertow/compare/2.3.10.Final...2.3.11.Final) ### [`v2.3.10.Final`](https://togithub.com/undertow-io/undertow/compare/2.3.9.Final...2.3.10.Final) [Compare Source](https://togithub.com/undertow-io/undertow/compare/2.3.9.Final...2.3.10.Final) ### [`v2.3.9.Final`](https://togithub.com/undertow-io/undertow/compare/2.3.8.Final...2.3.9.Final) [Compare Source](https://togithub.com/undertow-io/undertow/compare/2.3.8.Final...2.3.9.Final) ### [`v2.3.8.Final`](https://togithub.com/undertow-io/undertow/compare/2.3.7.Final...2.3.8.Final) [Compare Source](https://togithub.com/undertow-io/undertow/compare/2.3.7.Final...2.3.8.Final) ### [`v2.3.7.Final`](https://togithub.com/undertow-io/undertow/compare/2.3.6.Final...2.3.7.Final) [Compare Source](https://togithub.com/undertow-io/undertow/compare/2.3.6.Final...2.3.7.Final) ### [`v2.3.6.Final`](https://togithub.com/undertow-io/undertow/compare/2.3.5.Final...2.3.6.Final) [Compare Source](https://togithub.com/undertow-io/undertow/compare/2.3.5.Final...2.3.6.Final) ### [`v2.3.5.Final`](https://togithub.com/undertow-io/undertow/compare/2.3.4.Final...2.3.5.Final) [Compare Source](https://togithub.com/undertow-io/undertow/compare/2.3.4.Final...2.3.5.Final) ### [`v2.3.4.Final`](https://togithub.com/undertow-io/undertow/compare/2.3.3.Final...2.3.4.Final) [Compare Source](https://togithub.com/undertow-io/undertow/compare/2.3.3.Final...2.3.4.Final) ### [`v2.3.3.Final`](https://togithub.com/undertow-io/undertow/compare/2.3.2.Final...2.3.3.Final) [Compare Source](https://togithub.com/undertow-io/undertow/compare/2.3.2.Final...2.3.3.Final) ### [`v2.3.2.Final`](https://togithub.com/undertow-io/undertow/compare/2.3.1.Final...2.3.2.Final) [Compare Source](https://togithub.com/undertow-io/undertow/compare/2.3.1.Final...2.3.2.Final) ### [`v2.3.1.Final`](https://togithub.com/undertow-io/undertow/compare/2.3.0.Final...2.3.1.Final) [Compare Source](https://togithub.com/undertow-io/undertow/compare/2.3.0.Final...2.3.1.Final) ### [`v2.3.0.Final`](https://togithub.com/undertow-io/undertow/compare/2.2.32.Final...2.3.0.Final) [Compare Source](https://togithub.com/undertow-io/undertow/compare/2.2.32.Final...2.3.0.Final) ### [`v2.2.32.Final`](https://togithub.com/undertow-io/undertow/compare/2.2.31.Final...2.2.32.Final) [Compare Source](https://togithub.com/undertow-io/undertow/compare/2.2.31.Final...2.2.32.Final) ### [`v2.2.31.Final`](https://togithub.com/undertow-io/undertow/compare/2.2.30.Final...2.2.31.Final) [Compare Source](https://togithub.com/undertow-io/undertow/compare/2.2.30.Final...2.2.31.Final) ### [`v2.2.30.Final`](https://togithub.com/undertow-io/undertow/compare/2.2.29.Final...2.2.30.Final) [Compare Source](https://togithub.com/undertow-io/undertow/compare/2.2.29.Final...2.2.30.Final) ### [`v2.2.29.Final`](https://togithub.com/undertow-io/undertow/compare/2.2.28.Final...2.2.29.Final) [Compare Source](https://togithub.com/undertow-io/undertow/compare/2.2.28.Final...2.2.29.Final)

Configuration

šŸ“… Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

šŸš¦ Automerge: Enabled.

ā™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

šŸ‘» Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

This PR has been generated by Mend Renovate. View repository job log here.