How bad is its impact? (Severity)
Identify why the fix needs to occur now:
How often does it happen? (Frequency)
- anytime a specially crafted header is sent to the web container
How much effort is required to fix it? (Cost)
What is the risk of fixing it? (Risk)
Does a work around for the issue exist? Can the workaround be reasonably employed by the end user?
If the issue is not fixed should the issue and its workaround (if applicable) be described in the Release Notes?
How long has the bug existed in the product?
- It's a JVM issue that's been around for some time. The issue has just recently started getting a lot of press.
Do regression tests exist for this issue?
- in Grizzly, not in glassfish.
Which tests should QA (re)run to verify the fix did not destabilize GlassFish?
When will a tested fix be ready for integration?