Thank you. That is what I was about to ask :). I was using the dev release of 9.0.82. Our QA is testing our application with Tomcat 9.0.82. So far it looks good.
Regards, Zdenek Henek On Thu, Oct 12, 2023 at 9:08 PM Christopher Schultz < ch...@christopherschultz.net> wrote: > All, > > On 10/11/23 08:06, i...@flyingfischer.ch wrote: > > > > Am 11.10.23 um 14:02 schrieb Alexander Veit: > >>> Caused by: org.apache.http.ConnectionClosedException: Premature end > >>> of Content-Length delimited message body (expected: 4,999; received: > >>> 3,040) > >>> at > >>> org.apache.http.impl.io > .ContentLengthInputStream.read(ContentLengthInputStream.java:178) > >>> at > >>> io.restassured.internal.util.IOUtils.toByteArray(IOUtils.java:30) > >>> at > >>> > io.restassured.internal.http.GZIPEncoding$GZIPDecompressingEntity.getContent(GZIPEncoding.java:69) > >>> at > >>> > org.apache.http.conn.BasicManagedEntity.getContent(BasicManagedEntity.java:85) > >>> at > >>> > io.restassured.internal.http.HTTPBuilder.parseResponse(HTTPBuilder.java:546) > >>> at > >>> > io.restassured.internal.RequestSpecificationImpl$RestAssuredHttpBuilder.super$2$parseResponse(RequestSpecificationImpl.groovy) > >>> at sun.reflect.GeneratedMethodAccessor129.invoke(Unknown > Source) > >>> at > >>> > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > >>> at java.lang.reflect.Method.invoke(Method.java:498) > >>> at > >>> > org.codehaus.groovy.reflection.CachedMethod.invoke(CachedMethod.java:107) > >>> at groovy.lang.MetaMethod.doMethodInvoke(MetaMethod.java:323) > >>> at > >>> groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1268) > >>> at > >>> > org.codehaus.groovy.runtime.ScriptBytecodeAdapter.invokeMethodOnSuperN(ScriptBytecodeAdapter.java:144) > >>> > >>> Has anyone seen this? I will keep everyone posted after debugging more. > >> > >> We have experienced the same problem with Tomcat 8.5.94. > >> > >> --------------------------------------------------------------------- > >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > >> For additional commands, e-mail: users-h...@tomcat.apache.org > >> > > > > Seems to be reported multiple times as this is blocking bug for > > upgrading to the last Tomcat version: > > > > > > https://bz.apache.org/bugzilla/show_bug.cgi?id=67670 > > We understand that it is blocking, but if you re using h2, especially > exposed directly to the internet, you should upgrade to the broken > release and use Konstantin's recommended workarounds. > > Both the h2 Rapid Reset and HTTP Trailer / possible request smuggling > CVEs are both very important. > > We apologize for the regressions. Release votes appear to be going well; > we will have a new set of releases for everyone very shortly. > > Although they are not "official" releases, you are welcome to deploy the > release-candidates themselves. Assuming they are voted stable, they will > be identical to the upcoming "official" releases. > > See the dev@ list [VOTE] emails for where to get those release-candidate > artifacts. > > -chris > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
