Author: bmaxwell Date: 2012-01-13 11:47:51 -0500 (Fri, 13 Jan 2012) New Revision: 1922 Modified: branches/JBOSSWEB_2_0_0_GA_CP16_JBPAPP-7862/src/share/classes/org/apache/tomcat/util/net/AprEndpoint.java Log: [JBPAPP-7862] fix 2011-2526 Modified: branches/JBOSSWEB_2_0_0_GA_CP16_JBPAPP-7862/src/share/classes/org/apache/tomcat/util/net/AprEndpoint.java =================================================================== --- branches/JBOSSWEB_2_0_0_GA_CP16_JBPAPP-7862/src/share/classes/org/apache/tomcat/util/net/AprEndpoint.java 2012-01-13 16:46:50 UTC (rev 1921) +++ branches/JBOSSWEB_2_0_0_GA_CP16_JBPAPP-7862/src/share/classes/org/apache/tomcat/util/net/AprEndpoint.java 2012-01-13 16:47:51 UTC (rev 1922) @@ -301,7 +301,7 @@ /** * Use endfile for sending static files. */ - protected boolean useSendfile = Library.APR_HAS_SENDFILE; + protected boolean useSendfile = false; /* CVE-2011-2526 */ public void setUseSendfile(boolean useSendfile) { this.useSendfile = useSendfile; } public boolean getUseSendfile() { return useSendfile; }