Skip to content

Bump io.undertow:undertow-core from 2.3.18.Final to 2.4.1.Final#3403

Closed
dependabot[bot] wants to merge 1 commit into
6.0from
dependabot/maven/6.0/io.undertow-undertow-core-2.4.1.Final
Closed

Bump io.undertow:undertow-core from 2.3.18.Final to 2.4.1.Final#3403
dependabot[bot] wants to merge 1 commit into
6.0from
dependabot/maven/6.0/io.undertow-undertow-core-2.4.1.Final

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 11, 2026

Copy link
Copy Markdown
Contributor

Bumps io.undertow:undertow-core from 2.3.18.Final to 2.4.1.Final.

Release notes

Sourced from io.undertow:undertow-core's releases.

v.2.4.1.Final

Release 2.4.1.Final Full list of Jiras: view in Jira

    # Release notes - Undertow - 2.4.1.Final

Bug

UNDERTOW-2763 As per RFC9112 reason-phrase is optional in HTTP 1.1 responses

Enhancement

UNDERTOW-2759 Enable testing in JDK25

UNDERTOW-2767 [2.4.x] UndertowMessages at core uses the wrong message id for fixes in new parser

v.2.4.0.Final

Release 2.4.0.Final Fixes CVE-2026-28367 CVE-2026-28368 CVE-2026-28369 Full list of Jiras: view in Jira

Release notes - Undertow - 2.4.0.Final

Feature Request

UNDERTOW-1593 Track processing time of in flight requests

UNDERTOW-1748 provide a way to "comment" a line in predicate language

UNDERTOW-1870 Hard-coded timeout for asynchronous HTTP requests - add async context timeout undertow option

UNDERTOW-1880 Undertow should support HTTP/2 connection management, wrt GOAWAY frame

UNDERTOW-1881 Add a new exchange attribute for SSL/TLS protocol version

UNDERTOW-2010 Provide method to invalidate all paths in CachingResourceManager

UNDERTOW-2242 Add UndertowOptions.ALLOW_ID_LESS_MATRIX_PARAMETERS

UNDERTOW-2273 Exchange Attribute parser doesn't handle nested attributes

UNDERTOW-2301 HTTP/2 cannot be configured on a per-listener basis

UNDERTOW-2319 Move io.undertow.multipart.minsize property to UndertowOptions

UNDERTOW-2553 Add rewriteHostHeader to ModCluster

UNDERTOW-2580 Support SameSite and custom cookie attributes

UNDERTOW-2696 Allow PathHandler to check for registered prefixes

... (truncated)

Commits
  • 3e2cfbc Prepare 2.4.1.Final
  • 6bea2c2 Merge pull request #1966 from fl4via/UNDERTOW-2767
  • 4dbcdca Merge pull request #1952 from ropalka/UNDERTOW-2763
  • 366af17 [UNDERTOW-2767] Move UndertowMessages.tooManyPathParameters from message id 2...
  • 12a2445 Merge pull request #1955 from fl4via/UNDERTOW-2611_2.4.x
  • 8334977 [UNDERTOW-2611] Ensure max-request-size of a Multipart servlet can override a...
  • a8bfac2 [UNDERTOW-2763] As per RFC 9112 reason phrase is optional in HTTP responses
  • 2ab6e54 Next is 2.4.1.Final
  • e2ae24e Prepare 2.4.0.Final
  • 3ece0bf Merge pull request #1947 from fl4via/UNDERTOW-2594_2.4.x
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [io.undertow:undertow-core](https://github.com/undertow-io/undertow) from 2.3.18.Final to 2.4.1.Final.
- [Release notes](https://github.com/undertow-io/undertow/releases)
- [Commits](undertow-io/undertow@2.3.18.Final...2.4.1.Final)

---
updated-dependencies:
- dependency-name: io.undertow:undertow-core
  dependency-version: 2.4.1.Final
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Jun 11, 2026
@dependabot dependabot Bot requested a review from manovotn as a code owner June 11, 2026 15:51
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Jun 11, 2026
@manovotn

Copy link
Copy Markdown
Member

This will be similar to what I patched on the main branch - needs some tweaks in Undertow usage.

@manovotn

manovotn commented Jun 15, 2026

Copy link
Copy Markdown
Member

@dependabot rebase

@dependabot @github

dependabot Bot commented on behalf of github Jun 15, 2026

Copy link
Copy Markdown
Contributor Author

Looks like io.undertow:undertow-core is up-to-date now, so this is no longer needed.

@dependabot dependabot Bot closed this Jun 15, 2026
@dependabot dependabot Bot deleted the dependabot/maven/6.0/io.undertow-undertow-core-2.4.1.Final branch June 15, 2026 11:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant