Re: AWS health check problems

On 01/03/2021 22:35, Jake Orel wrote: Hi All, I'm working on deploying tomcat through aws with the use of an elastic load balancer connected to an auto scaling group. I'm running into an issue where the health checks associated with the target group are being sent to my server via IP address and

Re: Reg: caching allowed setting in tomcat

On 01/03/2021 16:03, Jalaj Asher wrote: I see that the cachingallowed setting is primarily for static content caching. But considering my application we have a lot of static content data resulting in almost 100 to 150 MB of heap memory being used because of this caching. 1. Is there any w

AWS health check problems

Hi All, I'm working on deploying tomcat through aws with the use of an elastic load balancer connected to an auto scaling group. I'm running into an issue where the health checks associated with the target group are being sent to my server via IP address and therefore the host isn't seeing it so it

Reg: caching allowed setting in tomcat

I see that the cachingallowed setting is primarily for static content caching. But considering my application we have a lot of static content data resulting in almost 100 to 150 MB of heap memory being used because of this caching. 1. Is there any way to do this caching on disk ? 1. My

Re: Tomcat Security Office Hours

On 01/03/2021 11:16, Rony G. Flatscher (Apache) wrote: On 24.02.2021 12:59, Mark Thomas wrote: All, Inspired by this post [1] I am going to try an experiment with running weekly office hours every Thursday. I'm going to start off by focussing on security. If there is anything you'd like to dis

Re: Tomcat Security Office Hours

On 24.02.2021 12:59, Mark Thomas wrote: > All, > > Inspired by this post [1] I am going to try an experiment with running > weekly office hours every Thursday. > > I'm going to start off by focussing on security. If there is anything > you'd like to discuss and/or provide feedback on and/or ask que

[SECURITY] CVE-2021-25329 Apache Tomcat Incomplete fix for CVE-2020-9484 (RCE via session persistence)

CVE-2021-25329 Incomplete fix for CVE-2020-9484 (RCE via session persistence) Severity: Low Vendor: The Apache Software Foundation Versions Affected: Apache Tomcat 10.0.0-M1 to 10.0.0 Apache Tomcat 9.0.0.M1 to 9.0.41 Apache Tomcat 8.5.0 to 8.5.61 Apache Tomcat 7.0.0 to 7.0.107 Description: T

[SECURITY] CVE-2021-25122 Apache Tomcat h2c request mix-up

CVE-2021-25122 h2c request mix-up Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Tomcat 10.0.0-M1 to 10.0.0 Apache Tomcat 9.0.0.M1 to 9.0.41 Apache Tomcat 8.5.0 to 8.5.61 Description: When responding to new h2c connection requests, Apache Tomcat could dup