[jboss-cvs] JBossAS SVN: r96628 - projects/docs/enterprise/4.2.8/readme/en-US.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Fri Nov 20 02:53:50 EST 2009
Author: laubai
Date: 2009-11-20 02:53:50 -0500 (Fri, 20 Nov 2009)
New Revision: 96628
Modified:
projects/docs/enterprise/4.2.8/readme/en-US/Release_Notes_CP08.xml
Log:
Adding release notes for JBPAPP-2039.
Modified: projects/docs/enterprise/4.2.8/readme/en-US/Release_Notes_CP08.xml
===================================================================
--- projects/docs/enterprise/4.2.8/readme/en-US/Release_Notes_CP08.xml 2009-11-20 07:15:56 UTC (rev 96627)
+++ projects/docs/enterprise/4.2.8/readme/en-US/Release_Notes_CP08.xml 2009-11-20 07:53:50 UTC (rev 96628)
@@ -427,8 +427,11 @@
<itemizedlist>
<listitem>
<para>
-
- </para>
+ <ulink url="https://jira.jboss.org/jira/browse/JBPAPP-2039">JBPAPP-2039</ulink>: The fix for <ulink url="https://jira.jboss.org/jira/browse/JBPAPP-1992">JBPAPP-1992</ulink> means that Version 1 cookies are used in JBoss Web instead of Version 0. This older version is linked to a security issue. To return to the previous behavior despite this, add a <filename>conf/catalina.properties</filename> file and set the following property in it:
+ </para>
+ <programlisting>
+org.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false
+ </programlisting>
</listitem>
</itemizedlist>
</para>
More information about the jboss-cvs-commits
mailing list