Author: kkolinko Date: Sun May 10 17:10:28 2015 New Revision: 1678585 URL: http://svn.apache.org/r1678585 Log: Add reference to CVE-2014-0230
Modified: tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml Modified: tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml?rev=1678585&r1=1678584&r2=1678585&view=diff ============================================================================== --- tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml Sun May 10 17:10:28 2015 @@ -2577,6 +2577,7 @@ Improve configuration of cache sizes in the endpoint. (markt) </fix> <add> + Fix CVE-2014-0230: Add a new limit, defaulting to 2MB, for the amount of data Tomcat will swallow for an aborted upload. The limit is configurable by <code>maxSwallowSize</code> attribute of an HTTP connector. (markt) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org