Re: CVE-2025-27820: Apache HttpClient: PSL Validation Bypass

2025-03-28 Thread Gary Gregory
On Fri, Mar 28, 2025, 08:28 Arturo Bernal wrote:
> *Severity:* Moderate
>
> *Affected Versions:*
>
> - Apache HttpClient 5.4.x *(Earlier versions are unaffected.)*

That pattern doesn't make sense to me since it matches 5.4.3. It would be list versions of use the less than and gr

Re: CVE-2025-27820: Apache HttpClient: PSL Validation Bypass

2025-03-28 Thread Arturo Bernal
Hi Gary, To clarify, the semver notation we’re using—“>=5.4.0 <5.4.3”—is intended to cover only versions 5.4.0, 5.4.1, and 5.4.2, explicitly excluding 5.4.3 (which contains the fix). The “<5.4.3” part ensures that 5.4.3 isn’t matched, even though it might initially seem like it could be. Best reg

CVE-2025-27820: Apache HttpClient: PSL Validation Bypass

2025-03-28 Thread Arturo Bernal
*Severity:* Moderate

*Affected Versions:*

- Apache HttpClient 5.4.x *(Earlier versions are unaffected.)*

*Description:* A bug in Apache HttpClient 5.4.x effectively disables Public Suffix List (PSL) validation, impacting cookie management and host name verification. This may lead to un

Re: [PR] Decode Subject Alternative Names (SAN) for X.509 Certificates [httpcomponents-client]

2025-03-28 Thread via GitHub
leonardehrenfried commented on PR #610: URL: https://github.com/apache/httpcomponents-client/pull/610#issuecomment-2762115368 Thanks for looking into it. I will create a Jira user and a ticket.

Re: [PR] Decode Subject Alternative Names (SAN) for X.509 Certificates [httpcomponents-client]

2025-03-28 Thread via GitHub
leonardehrenfried commented on PR #610: URL: https://github.com/apache/httpcomponents-client/pull/610#issuecomment-2761435839 Has this change made it into 5.4.3? I upgraded to that version yesterday and I'm seeing the following exception which seems related: ``` Caused by: java

[jira] [Updated] (HTTPCLIENT-2364) Close IMMEDIATE does not work properly on HTTPS-upgraded connection through proxy

2025-03-28 Thread Fabien Arrault (Jira)
[ https://issues.apache.org/jira/browse/HTTPCLIENT-2364?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Fabien Arrault updated HTTPCLIENT-2364: --- Description: We are using Apache HTTPClient 5.4.3 to connect in HTTPS to differe

[jira] [Created] (HTTPCLIENT-2364) Close IMMEDIATE does not work properly on HTTPS-upgraded connection through proxy

2025-03-28 Thread Fabien Arrault (Jira)
Fabien Arrault created HTTPCLIENT-2364: -- Summary: Close IMMEDIATE does not work properly on HTTPS-upgraded connection through proxy Key: HTTPCLIENT-2364 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-2

Re: [PR] Decode Subject Alternative Names (SAN) for X.509 Certificates [httpcomponents-client]

2025-03-28 Thread via GitHub
arturobernalg commented on PR #610: URL: https://github.com/apache/httpcomponents-client/pull/610#issuecomment-2761827914
> Has this change made it into 5.4.3?
>
> I upgraded to that version yesterday and I'm seeing the following exception which seems related:
>
> ```
> Caused

[jira] [Created] (HTTPCLIENT-2365) S3 host certificate throws SSLPeerUnverifiedException

2025-03-28 Thread Leonard Ehrenfried (Jira)
Leonard Ehrenfried created HTTPCLIENT-2365: -- Summary: S3 host certificate throws SSLPeerUnverifiedException Key: HTTPCLIENT-2365 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-2365 Proj

[jira] [Updated] (HTTPCLIENT-2365) S3 host certificate throws SSLPeerUnverifiedException

2025-03-28 Thread Michael Osipov (Jira)
[ https://issues.apache.org/jira/browse/HTTPCLIENT-2365?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Michael Osipov updated HTTPCLIENT-2365: --- Description: Fetching data with a GET request from an AWS S3 URL fails with the

[jira] [Commented] (HTTPCLIENT-2365) S3 host certificate throws SSLPeerUnverifiedException

2025-03-28 Thread Michael Osipov (Jira)
[ https://issues.apache.org/jira/browse/HTTPCLIENT-2365?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17939351#comment-17939351 ] Michael Osipov commented on HTTPCLIENT-2365: Cert seems fine: {noformat}

Re: [PR] Decode Subject Alternative Names (SAN) for X.509 Certificates [httpcomponents-client]

2025-03-28 Thread via GitHub
ok2c commented on PR #610: URL: https://github.com/apache/httpcomponents-client/pull/610#issuecomment-2762015390 @leonardehrenfried This PR is completely unrelated to your problem. The cause of it is a regression introduced by #566. Feel free to raise a JIRA for the regression https

Re: [PR] Update PublicSuffixMatcher to use "formal algorithm" [httpcomponents-client]

2025-03-28 Thread via GitHub
ok2c commented on code in PR #566: URL: https://github.com/apache/httpcomponents-client/pull/566#discussion_r2019081568 ## httpclient5/src/main/java/org/apache/hc/client5/http/psl/PublicSuffixMatcher.java: ## @@ -149,24 +148,30 @@ public String getDomainRoot(final String domain