Control: severity -1 important I am no longer sure undertow is affected. The issue is marked resolved upstream and one of the fixing commits
https://github.com/wildfly/wildfly/pull/10748/files indicates the bug was in WildFly's undertow extension but not in Undertow itself. I keep this bug report open for a little while longer until UNDERTOW-1295 is resolved and we get more information about the vulnerabilities.
Description: OpenPGP digital signature
__ This is the maintainer address of Debian's Java team <http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers>. Please use debian-j...@lists.debian.org for discussions and questions.