MariusDienel commented on issue #2691: URL: https://github.com/apache/karaf/issues/2691#issuecomment-4646627655
Thank you all for your quick responses. I guess we will be waiting for Karaf 4.5.x then. I am also pretty sure that, if there is sufficient security precautions on the server side, the vulnerability is not critical. In my research I was also able to find out that this only works with HTTP/1.1, so enforcing HTTP/2.0 in the reverse proxy will mitigate the risk. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
