Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[UNDERTOW-2212] CVE-2022-4492 Server identity in https connection is … #1447

Merged
merged 2 commits into from Mar 25, 2023
Merged

[UNDERTOW-2212] CVE-2022-4492 Server identity in https connection is … #1447

merged 2 commits into from Mar 25, 2023

Conversation

fl4via
Copy link
Member

@fl4via fl4via commented Mar 10, 2023

…not checked by the undertow client

Jira: https://issues.redhat.com/browse/UNDERTOW-2212

@fl4via fl4via added bug fix Contains bug fix(es) next release This PR will be merged before next release or has already been merged (for payload double check) waiting CI check Ready to be merged but waiting for CI check labels Mar 10, 2023
@romabaz
Copy link

romabaz commented Mar 17, 2023

Great, thanks! Eagerly waiting for the merge

@ghost
Copy link

ghost commented Mar 17, 2023

@fl4via Thanks for the Fix. Any estimation when will this be merged anytime soon?
As temp. fix, I'm switching back to Tomcat.

@fl4via
Copy link
Member Author

fl4via commented Mar 22, 2023

hi @Abdullah-Shahen ! It wll merged and release this week.

@fl4via fl4via added waiting PR update Awaiting PR update(s) from contributor before merging failed CI Introduced new regession(s) during CI check and removed waiting CI check Ready to be merged but waiting for CI check labels Mar 22, 2023
@fl4via fl4via force-pushed the UNDERTOW-2212 branch 4 times, most recently from 4b7ee3a to f6975f2 Compare March 24, 2023 20:25
@fl4via fl4via added waiting CI check Ready to be merged but waiting for CI check and removed waiting PR update Awaiting PR update(s) from contributor before merging failed CI Introduced new regession(s) during CI check labels Mar 24, 2023
@fl4via
Copy link
Member Author

fl4via commented Mar 24, 2023
edited

For more information on the CI failure see https://issues.redhat.com/browse/UNDERTOW-2249

rmartinc and others added 2 commits March 25, 2023 05:23
@rmartinc @fl4via
[UNDERTOW-2212] CVE-2022-4492 Server identity in https connection is …
e5071e5 
…not checked by the undertow client

Signed-off-by: Flavia Rainone <frainone@redhat.com>
@fl4via
[UNDERTOW-2212] At the HttpClientTestCase.testSslServerIdentity test,…
cc2f99a 
… do not enforce the exception to be of type ClosedChannelException (see UNDERTOW-2249).

Signed-off-by: Flavia Rainone <frainone@redhat.com>
@fl4via fl4via removed the waiting CI check Ready to be merged but waiting for CI check label Mar 25, 2023
@fl4via fl4via merged commit af53274 into undertow-io:master Mar 25, 2023
25 checks passed
@fl4via fl4via deleted the UNDERTOW-2212 branch March 25, 2023 11:09
@fl4via fl4via removed the next release This PR will be merged before next release or has already been merged (for payload double check) label Apr 4, 2023
@matthewhilldev
Copy link

Good day @fl4via
Any chance this will be released on 2.2.x? We're stuck on JRE8 for a while longer and the JRE11 dependency is a bit unfortunate on the 2.3.x branch.

@carterkozak
Copy link
Contributor

@matthewhilldev This change is included in the 2.2.24.Final release via #1457

@matthewhilldev
Copy link

@matthewhilldev This change is included in the 2.2.24.Final release via #1457

Thanks!

@fawind fawind mentioned this pull request Apr 13, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
bug fix Contains bug fix(es)
Projects
None yet
Milestone
No milestone
5 participants
@fl4via @romabaz @matthewhilldev @carterkozak @rmartinc