master

分支 (26)

标签 (80)

管理

管理

master

openEuler-20.03-LTS-SP4

openEuler-24.03-LTS-SP3

openEuler-22.03-LTS-SP3

openEuler-22.03-LTS-SP4

openEuler-24.03-LTS-SP2

openEuler-24.03-LTS-SP1

openEuler-24.03-LTS

openEuler-24.03-LTS-Next

openEuler-25.09

openEuler-25.03

openEuler-22.03-LTS-SP1

openEuler-20.03-LTS-SP1

openEuler-22.03-LTS

openEuler-22.03-LTS-Next

openEuler-22.03-LTS-SP2

openEuler-24.09

openEuler-20.03-LTS-SP3

openEuler-23.09

openEuler-23.03

openEuler-25.09-release

openEuler-24.03-LTS-update-20250912

openEuler-24.03-LTS-SP1-update-20250911

openEuler-20.03-LTS-SP4-update-20250905

openEuler-22.03-LTS-SP3-update-20250905

openEuler-22.03-LTS-SP4-update-20250905

openEuler-24.03-LTS-SP1-update-20250905

openEuler-24.03-LTS-SP2-update-20250905

openEuler-20.03-LTS-SP4-update-20250725

openEuler-22.03-LTS-SP3-update-20250725

openEuler-22.03-LTS-SP4-update-20250725

openEuler-24.03-LTS-update-20250725

openEuler-24.03-LTS-SP1-update-20250725

openEuler-24.03-LTS-SP2-update-20250725

openEuler-20.03-LTS-SP4-update-20250711

openEuler-22.03-LTS-SP3-update-20250711

openEuler-22.03-LTS-SP4-update-20250711

openEuler-24.03-LTS-update-20250711

openEuler-24.03-LTS-SP1-update-20250711

openEuler-24.03-LTS-SP2-update-20250711

tomcat
/
CVE-2025-31650-2.patch

From b98e74f517b36929f4208506e5adad22cb767baa Mon Sep 17 00:00:00 2001
From: Mark Thomas <markt@apache.org>
Date: Wed, 19 Mar 2025 03:21:50 +0000
Subject: [PATCH] Additional fix for BZ 69614

Origin: https://github.com/apache/tomcat/commit/b98e74f517b36929f4208506e5adad22cb767baa

---
 java/org/apache/coyote/http2/Stream.java | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/java/org/apache/coyote/http2/Stream.java b/java/org/apache/coyote/http2/Stream.java
index e8f0d9481c03..ecda8caec811 100644
--- a/java/org/apache/coyote/http2/Stream.java
+++ b/java/org/apache/coyote/http2/Stream.java
@@ -456,6 +456,12 @@ public final void emitHeader(String name, String value) throws HpackException {
                     setIncremental(p.getIncremental());
                 } catch (IOException ioe) {
                     // Not possible with StringReader
+                } catch (IllegalArgumentException iae) {
+                    // Invalid priority header field values should be ignored
+                    if (log.isTraceEnabled()) {
+                        log.trace(sm.getString("http2Parser.processFramePriorityUpdate.invalid", getConnectionId(),
+                                getIdAsString()), iae);
+                    }
                 }
                 break;
             }