View Issue Details

Related ChangesetsJump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0006576SymmetricDSImprovementpublic2024-09-06 21:262024-09-06 22:00
Reporterelong Assigned Toelong  
Prioritynormal 
Status resolvedResolutionfixed 
Product Version3.15.0 
Target Version3.15.9Fixed in Version3.15.9 
Summary0006576: Disallow HTTP methods not needed for data sync
DescriptionDisallow HTTP methods not needed for data sync that are showing up on security scans of the embedded Jetty web server. Block use of OPTIONS, TRACE, TRACK, and DELETE.
Tagssecurity

Activities

There are no notes attached to this issue.

Related Changesets

SymmetricDS: 3.15 93b34baa

2024-09-06 21:27:06

admin

Details Diff 		0006576: Disallow HTTP methods not needed for data sync Affected Issues
0006576
mod - symmetric-server/src/main/deploy/conf/sym_service.conf Diff File

Issue History

Date Modified Username Field Change
2024-09-06 21:26 elong New Issue
2024-09-06 21:26 elong Status new => assigned
2024-09-06 21:26 elong Assigned To => elong
2024-09-06 21:26 elong Tag Attached: security
2024-09-06 21:27 elong Status assigned => resolved
2024-09-06 21:27 elong Resolution open => fixed
2024-09-06 21:27 elong Fixed in Version => 3.15.9
2024-09-06 22:00 admin Changeset attached => SymmetricDS 3.15 93b34baa