[GitHub] [tomcat] aooohan commented on pull request #592: Improved regexp performance: "a-zA-Z0-9_" -> "\w"

2023-03-09 Thread via GitHub
aooohan commented on PR #592: URL: https://github.com/apache/tomcat/pull/592#issuecomment-1463387623 Merge manually, thanks. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment.

[GitHub] [tomcat] aooohan closed pull request #592: Improved regexp performance: "a-zA-Z0-9_" -> "\w"

2023-03-09 Thread via GitHub
aooohan closed pull request #592: Improved regexp performance: "a-zA-Z0-9_" -> "\w" URL: https://github.com/apache/tomcat/pull/592

[tomcat] branch 8.5.x updated: Improved regexp performance: "a-zA-Z0-9_" -> "\w" (#592)

2023-03-09 Thread lihan
This is an automated email from the ASF dual-hosted git repository. lihan pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new 3f01b8bdec Improved regexp performance:

[tomcat] branch 9.0.x updated: Improved regexp performance: "a-zA-Z0-9_" -> "\w" (#592)

2023-03-09 Thread lihan
This is an automated email from the ASF dual-hosted git repository. lihan pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 6918c28c77 Improved regexp performance:

[tomcat] branch 10.1.x updated: Improved regexp performance: "a-zA-Z0-9_" -> "\w" (#592)

2023-03-09 Thread lihan
This is an automated email from the ASF dual-hosted git repository. lihan pushed a commit to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/10.1.x by this push: new 7ed9261493 Improved regexp performance:

[tomcat] branch main updated: Improved regexp performance: "a-zA-Z0-9_" -> "\w" (#592)

2023-03-09 Thread lihan
This is an automated email from the ASF dual-hosted git repository. lihan pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new c8fba3264d Improved regexp performance: "a-zA-Z0-9_"

[GitHub] [tomcat] aooohan commented on pull request #596: Use SELECT...FOR UPDATE to update session data in the database instead of DELETE, INSERT.

2023-03-09 Thread via GitHub
aooohan commented on PR #596: URL: https://github.com/apache/tomcat/pull/596#issuecomment-1463201626 I have a question: why don't we add a real **primary key** (auto-increment) to solve the problem of primary key constraint violations when inserting data into the database simultaneously? And we

Re: Double-wrapping of byte-array in streams in DataSourceStore.java

2023-03-09 Thread Han Li
> On Mar 9, 2023, at 22:52, Christopher Schultz wrote: > > All, > > Please have a look at DataSourceStore.java:629 > > https://github.com/apache/tomcat/blob/main/java/org/apache/catalina/session/DataSourceStore.java#L629 > > It looks to be like the byte array which contains the session

Buildbot failure in on tomcat-9.0.x

2023-03-09 Thread buildbot
Build status: BUILD FAILED: failed compile (failure) Logs copied. (failure) Worker used: bb_worker2_ubuntu URL: https://ci2.apache.org/#builders/37/builds/490 Blamelist: Mark Thomas Build Text: failed compile (failure) Logs copied. (failure) Status Detected: new failure Build Source Stamp:

[GitHub] [tomcat] isapir commented on pull request #596: Use SELECT...FOR UPDATE to update session data in the database instead of DELETE, INSERT.

2023-03-09 Thread via GitHub
isapir commented on PR #596: URL: https://github.com/apache/tomcat/pull/596#issuecomment-1462467192 Yeah, I guess that site is not up to date. I also used SELECT FOR UPDATE in MySQL 5.7. There is also INSERT ON CONFLICT UPDATE support in MySQL and Postgres, but it would be

[GitHub] [tomcat] isapir commented on a diff in pull request #596: Use SELECT...FOR UPDATE to update session data in the database instead of DELETE, INSERT.

2023-03-09 Thread via GitHub
isapir commented on code in PR #596: URL: https://github.com/apache/tomcat/pull/596#discussion_r1131364805 ## java/org/apache/catalina/session/DataSourceStore.java: ## @@ -626,15 +626,77 @@ public void save(Session session) throws IOException { byte[] obs =

Buildbot failure in on tomcat-8.5.x

2023-03-09 Thread buildbot
Build status: BUILD FAILED: failed compile (failure) Worker used: bb_worker2_ubuntu URL: https://ci2.apache.org/#builders/36/builds/425 Blamelist: Mark Thomas Build Text: failed compile (failure) Status Detected: new failure Build Source Stamp: [branch 8.5.x]

[tomcat] branch 9.0.x updated: Rename digests to remove reference to specific algorithm

2023-03-09 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 149aa95a01 Rename digests to remove reference to

[tomcat] branch 9.0.x updated: Fix back-port

2023-03-09 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 5914457f10 Fix back-port 5914457f10 is described

[tomcat] branch 10.1.x updated: Rename digests to remove reference to specific algorithm

2023-03-09 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/10.1.x by this push: new e46f1f79d4 Rename digests to remove reference to

[tomcat] branch 8.5.x updated: Rename digests to remove reference to specific algorithm

2023-03-09 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new d543e8e57b Rename digests to remove reference to

[tomcat] branch main updated: Rename digests to remove reference to specific algorithm

2023-03-09 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new 16ed41df3b Rename digests to remove reference to

Buildbot success in on tomcat-10.1.x

2023-03-09 Thread buildbot
Build status: Build succeeded! Worker used: bb_worker2_ubuntu URL: https://ci2.apache.org/#builders/44/builds/709 Blamelist: Mark Thomas Build Text: build successful Status Detected: restored build Build Source Stamp: [branch 10.1.x] 166581b1d76c5ae95881ccc2183f4d9ffa096d35 Steps:

Double-wrapping of byte-array in streams in DataSourceStore.java

2023-03-09 Thread Christopher Schultz
All, Please have a look at DataSourceStore.java:629 https://github.com/apache/tomcat/blob/main/java/org/apache/catalina/session/DataSourceStore.java#L629 It looks to be like the byte array which contains the session data is being first wrapped in a ByteArrayInputStream (which is necessary to

[tomcat] branch 8.5.x updated: Remove unnecessary Javadoc

2023-03-09 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new b6a326 Remove unnecessary Javadoc b6a326

[tomcat] branch 9.0.x updated: Remove unnecessary Javadoc

2023-03-09 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 9b4e9ea182 Remove unnecessary Javadoc 9b4e9ea182

[tomcat] branch main updated: Remove unnecessary Javadoc

2023-03-09 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new 43f4b5779a Remove unnecessary Javadoc 43f4b5779a is

[tomcat] branch 10.1.x updated: Remove unnecessary Javadoc

2023-03-09 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/10.1.x by this push: new 8110b3d5fc Remove unnecessary Javadoc 8110b3d5fc

Re: Reduce default for maxParameterCount

2023-03-09 Thread Christopher Schultz
Mark, On 3/9/23 05:56, Mark Thomas wrote: Hi all, In the context of CVE-2023-24998 (performance issues for large numbers of uploaded parts), I have been wondering about reducing the default value for maxParameterCount. The current default for maxParameterCount is 10,000. It was set based

[tomcat] branch 9.0.x updated: Remove unnecessary duplication of Javadoc

2023-03-09 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new a1e60f36b4 Remove unnecessary duplication of

[tomcat] branch main updated (a53eece969 -> 5d5e60b1fe)

2023-03-09 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a change to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git from a53eece969 Improve Javadoc add 5d5e60b1fe Remove unnecessary duplication of Javadoc No new revisions were added by

[tomcat] branch 8.5.x updated: Remove unnecessary duplication of Javadoc

2023-03-09 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new e6744b4a40 Remove unnecessary duplication of

[tomcat] branch 10.1.x updated: Remove unnecessary duplication of Javadoc

2023-03-09 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/10.1.x by this push: new 166581b1d7 Remove unnecessary duplication of

[tomcat] branch 9.0.x updated: Improve Javadoc

2023-03-09 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 023aa4e0d7 Improve Javadoc 023aa4e0d7 is described

[tomcat] branch 8.5.x updated: Improve Javadoc

2023-03-09 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new 21c16a86c2 Improve Javadoc 21c16a86c2 is described

[tomcat] branch 10.1.x updated: Improve Javadoc

2023-03-09 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/10.1.x by this push: new 8c441e35b5 Improve Javadoc 8c441e35b5 is

[tomcat] branch main updated: Improve Javadoc

2023-03-09 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new a53eece969 Improve Javadoc a53eece969 is described

[GitHub] [tomcat] ChristopherSchultz commented on a diff in pull request #596: Use SELECT...FOR UPDATE to update session data in the database instead of DELETE, INSERT.

2023-03-09 Thread via GitHub
ChristopherSchultz commented on code in PR #596: URL: https://github.com/apache/tomcat/pull/596#discussion_r1131033698 ## java/org/apache/catalina/session/DataSourceStore.java: ## @@ -626,15 +626,77 @@ public void save(Session session) throws IOException {

[GitHub] [tomcat] ChristopherSchultz commented on a diff in pull request #596: Use SELECT...FOR UPDATE to update session data in the database instead of DELETE, INSERT.

2023-03-09 Thread via GitHub
ChristopherSchultz commented on code in PR #596: URL: https://github.com/apache/tomcat/pull/596#discussion_r1131019399 ## java/org/apache/catalina/session/DataSourceStore.java: ## @@ -626,15 +626,77 @@ public void save(Session session) throws IOException {

[GitHub] [tomcat] ChristopherSchultz commented on pull request #596: Use SELECT...FOR UPDATE to update session data in the database instead of DELETE, INSERT.

2023-03-09 Thread via GitHub
ChristopherSchultz commented on PR #596: URL: https://github.com/apache/tomcat/pull/596#issuecomment-1462052065 > @ChristopherSchultz Is there a list of supported database systems with which the DataSourceStore is compatible? Are you sure that they all support "SELECT FOR UPDATE"? I tried

Buildbot failure in on tomcat-10.1.x

2023-03-09 Thread buildbot
Build status: BUILD FAILED: failed Snapshot deployed to ASF Maven snapshot repository (failure) Worker used: bb_worker2_ubuntu URL: https://ci2.apache.org/#builders/44/builds/708 Blamelist: Mark Thomas Build Text: failed Snapshot deployed to ASF Maven snapshot repository (failure) Status

Reduce default for maxParameterCount

2023-03-09 Thread Mark Thomas
Hi all, In the context of CVE-2023-24998 (performance issues for large numbers of uploaded parts), I have been wondering about reducing the default value for maxParameterCount. The current default for maxParameterCount is 10,000. It was set based on it being low enough to mitigate

[tomcat] branch 8.5.x updated: Harden FORM authentication by limiting session duration

2023-03-09 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new 7b321d7de9 Harden FORM authentication by limiting

[tomcat] branch 9.0.x updated: Harden FORM authentication by limiting session duration

2023-03-09 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new fea89e2128 Harden FORM authentication by limiting

[tomcat] branch 10.1.x updated: Harden FORM authentication by limiting session duration

2023-03-09 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/10.1.x by this push: new fe6ffca0a3 Harden FORM authentication by

[tomcat] branch main updated: Harden FORM authentication by limiting session duration

2023-03-09 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new d5ead98581 Harden FORM authentication by limiting

[tomcat] branch 8.5.x updated: Fix grammar

2023-03-09 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new 61a48cfb59 Fix grammar 61a48cfb59 is described

[tomcat] branch 9.0.x updated: Fix grammar

2023-03-09 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new d0642b50d8 Fix grammar d0642b50d8 is described

[tomcat] branch 10.1.x updated: Fix grammar

2023-03-09 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/10.1.x by this push: new 4cd826addb Fix grammar 4cd826addb is described

[tomcat] branch main updated: Fix grammar

2023-03-09 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new 0a13efb7c4 Fix grammar 0a13efb7c4 is described below

[tomcat] branch 8.5.x updated: Update meaning of maxParameterCount to include uploaded files

2023-03-09 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new 71ed8cd98d Update meaning of maxParameterCount to

[tomcat] branch 9.0.x updated: Update meaning of maxParameterCount to include uploaded files

2023-03-09 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 1679ced19a Update meaning of maxParameterCount to

[tomcat] branch 10.1.x updated: Update meaning of maxParameterCount to include uploaded files

2023-03-09 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/10.1.x by this push: new 8a7ea2bc4e Update meaning of maxParameterCount

[tomcat] branch main updated: Update meaning of maxParameterCount to include uploaded files

2023-03-09 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new b6837648fc Update meaning of maxParameterCount to

[tomcat] branch 8.5.x updated: Try and keep attributes in alphabetical order

2023-03-09 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new 73e638440f Try and keep attributes in alphabetical

[tomcat] branch 9.0.x updated: Try and keep attributes in alphabetical order

2023-03-09 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 87b268a95d Try and keep attributes in alphabetical

[tomcat] branch 10.1.x updated: Try and keep attributes in alphabetical order

2023-03-09 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/10.1.x by this push: new f467bfe15c Try and keep attributes in

[tomcat] branch main updated: Try and keep attributes in alphabetical order

2023-03-09 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new 02d21de32c Try and keep attributes in alphabetical

[Bug 66508] Tomcat after a GC pause causes the HTTP threads to be blocked to acquire a semaphore to process WebSockets connection closure.

2023-03-09 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=66508 --- Comment #7 from Mark Thomas --- If it helps, dev build with the fix is available from: https://people.apache.org/~markt/dev/v9.0.74-dev/ Note: - this is not an official release - use it at your own risk -- You are receiving this mail

Re: Rate Limiter Filter or Valve

2023-03-09 Thread Rémy Maucherat
On Wed, Mar 8, 2023 at 8:37 PM Igal Sapir wrote: > > All, > > I would like to add a Rate Limiter Filter or Valve which will help mitigate > DoS and Brute Force attacks, and want to get feedback from the community > and the PMC. The checks will run before the request reaches the servlet > and