| Fix Version | Key | Component | Summary | Type | Resolution | Status | 
|  | FILEUPLOAD-238 |  | Default charset hardcoded in FileItem (must be used Charset.defaultCharset()) | Bug | Fixed | Closed | 
|  | FILEUPLOAD-118 |  | Maven pom has invalid parent | Bug | Fixed | Closed | 
|  | FILEUPLOAD-110 |  | MultipartStream's keep region padding is either unnecessary or untested (and undocumented) | Bug | Fixed | Resolved | 
|  | FILEUPLOAD-72 |  | Java docs bug | Bug | Fixed | Closed | 
|  | FILEUPLOAD-70 |  | DefaultFileItem should not catch Exception | Bug | Fixed | Closed | 
|  | FILEUPLOAD-67 |  | possible typo in fileupload docs on commons site | Bug | Fixed | Closed | 
|  | FILEUPLOAD-66 |  | DefaultFileItem issues | Bug | Fixed | Closed | 
|  | FILEUPLOAD-61 |  | Temporary upload files are not being deleted | Bug | Fixed | Closed | 
|  | FILEUPLOAD-59 |  | [fileupload] Memory Issue | Bug | Fixed | Closed | 
|  | FILEUPLOAD-57 |  | [fileupload] Sample code is not working | Bug | Fixed | Closed | 
|  | FILEUPLOAD-56 |  | [FileUpload] uploading files with non-ASCII filenames | Bug | Fixed | Closed | 
|  | FILEUPLOAD-53 |  | UnknownSizeException with IE5.0 (due to IE5.0 bug) | Bug | Fixed | Closed | 
|  | FILEUPLOAD-50 |  | [fileupload] FileItem implements Serializable incorrectly | Bug | Fixed | Closed | 
|  | FILEUPLOAD-48 |  | [fileupload] Memory leak in DefaultFileItem | Bug | Fixed | Closed | 
|  | FILEUPLOAD-46 |  | [fileupload] Default encoding issue running Tomcat on z/os | Bug | Fixed | Closed | 
|  | FILEUPLOAD-40 |  | FileUploadBase does not handle quoted boundary specification, which is required by RFC 1521 | Bug | Fixed | Closed | 
|  | FILEUPLOAD-39 |  | [fileupload] Content-Type with quoted boundary doesn't work | Bug | Fixed | Closed | 
|  | FILEUPLOAD-37 |  | [fileupload] Two typos in the manual page of MultipartStream | Bug | Fixed | Closed | 
|  | FILEUPLOAD-35 |  | file upload can be very slow | Bug | Fixed | Closed | 
|  | FILEUPLOAD-31 |  | [PATCH] Added some tests | Bug | Fixed | Closed | 
|  | FILEUPLOAD-29 |  | [fileupload] Remove Javadoc warnings | Bug | Fixed | Closed | 
|  | FILEUPLOAD-22 |  | FileUpload default constructor does not create a factory | Bug | Fixed | Closed | 
|  | FILEUPLOAD-21 |  | DefaultFileItem.write() throws NullPointerException if a stream cannot be created | Bug | Fixed | Closed | 
|  | FILEUPLOAD-18 |  | contentType comparisons should be case-insensitive | Bug | Fixed | Closed | 
|  | FILEUPLOAD-16 |  | [fileupload][PATCH] Workaround for IE5 Mac type=image bug | Bug | Fixed | Closed | 
|  | FILEUPLOAD-13 |  | [fileupload] Use the ServletRequest encoding as default | Bug | Fixed | Closed | 
|  | FILEUPLOAD-12 |  | [fileupload] Remove deprecations issued in IO 1.1 | Bug | Fixed | Closed | 
|  | FILEUPLOAD-5 |  | [fileupload] Determining content type | Bug | Fixed | Closed | 
|  | FILEUPLOAD-4 |  | [fileupload] The common upload functions do not work on z/OS WebSphere | Bug | Fixed | Closed | 
|  | FILEUPLOAD-140 |  | Means to preserve text parameters when upload limit exceeded | Improvement | Fixed | Closed | 
|  | FILEUPLOAD-133 |  | Refactor use of FileCleaner into plugable strategy to allow overriding. | Improvement | Fixed | Resolved | 
|  | FILEUPLOAD-128 |  | move commons-fileupload to org.apache.commons.fileupload groupId in maven | Improvement | Fixed | Closed | 
|  | FILEUPLOAD-109 |  | MultipartStream.discardBodyData()  implementation is redundant. | Improvement | Fixed | Closed | 
|  | FILEUPLOAD-105 |  | Support for Portlets (168) | Improvement | Fixed | Closed | 
|  | FILEUPLOAD-101 |  | [FileUpload] does not take 'charset' parameter of the 'Content-Type' header into consideration | Improvement | Fixed | Closed | 
|  | FILEUPLOAD-100 |  | [fileupload] Allow to set headerEncoding to other than platform default encoding for fall-back | Improvement | Fixed | Closed | 
|  | FILEUPLOAD-95 |  | native memory leak results in container crash | Improvement | Fixed | Closed | 
|  | FILEUPLOAD-94 |  | Fileupload fails for forms with a large number of inputs | Improvement | Fixed | Closed | 
|  | FILEUPLOAD-93 |  | [fileupload] Allow parsing requests of unknown length | Improvement | Fixed | Closed | 
|  | FILEUPLOAD-92 |  | The size threshold parameter works based on the whole request instead of individual parts | Improvement | Fixed | Closed | 
|  | FILEUPLOAD-86 |  | File upload exceptions. | Improvement | Fixed | Closed | 
|  | FILEUPLOAD-83 |  | [fileupload][patch] Small improvements for FileUploadBase getFileName and getFieldName | Improvement | Fixed | Closed | 
|  | FILEUPLOAD-78 |  | Documentation: illustrate how to integrate virus control | Improvement | Fixed | Closed | 
|  | FILEUPLOAD-77 |  | [fileupload] State the maximum size in the error message | Improvement | Fixed | Closed | 
|  | FILEUPLOAD-148 |  | FileItemFactory.setMaxStringLength() | New Feature | Fixed | Closed | 
|  | FILEUPLOAD-290 |  | When a large file is uploaded, if there is a refresh page or other operation, the servlet will get a new request, and the file upload request will be aborted. | Wish | Fixed | Closed | 
|  | FILEUPLOAD-132 |  | How do we retrieve the HTTP Headers in the request? | Wish | Fixed | Closed | 
|  | FILEUPLOAD-114 |  | Documentation: dependency on commons-io and other things | Wish | Fixed | Closed | 
| 1.3.3 | FILEUPLOAD-279 |  | CVE-2016-1000031 - Apache Commons FileUpload DiskFileItem File Manipulation Remote Code Execution | Bug | Fixed | Resolved | 
| 1.4 | FILEUPLOAD-258 |  | Empty files in mutipart requests aren't saved to disk | Bug | Fixed | Resolved | 
| 1.4 | FILEUPLOAD-257 |  | Fix Javadoc 1.8 errors | Bug | Fixed | Resolved | 
| 1.4 | FILEUPLOAD-252 |  | DiskFileItem#write can lose original IO error | Bug | Fixed | Resolved | 
| 1.4 | FILEUPLOAD-251 |  | DiskFileItem#getTempFile() is broken | Bug | Fixed | Resolved | 
| 1.4 | FILEUPLOAD-250 |  | FileUploadBase - potential resource leak - InputStream not closed on exception | Bug | Fixed | Resolved | 
| 1.4 | FILEUPLOAD-248 |  | [DISK] Unsafe file move operation (possibly swallowing write errors) | Bug | Fixed | Resolved | 
| 1.4 | FILEUPLOAD-246 |  | FileUpload should use IOUtils.closeQuietly where relevant | Bug | Fixed | Resolved | 
| 1.4 | FILEUPLOAD-245 |  | DiskFileItem.get() may not fully read the data | Bug | Fixed | Closed | 
| 1.4 | FILEUPLOAD-244 |  | .DiskFileItem.readObject fails to close FileInputStream | Bug | Fixed | Resolved | 
| 1.4 | FILEUPLOAD-242 |  | Should not catch and ignore Throwable | Bug | Fixed | Resolved | 
| 1.4 | FILEUPLOAD-234 |  | Bug in docs: tmp file delete conditions in "Resource Cleanup" section of "using.html" | Bug | Fixed | Resolved | 
| 1.4 | FILEUPLOAD-283 |  | Add tests to the portlet package | Improvement | Fixed | Resolved | 
| 1.4 | FILEUPLOAD-282 |  | Upversion complier.source, compiler.target to 1.6 | Improvement | Fixed | Resolved | 
| 1.4 | FILEUPLOAD-273 |  | Test Coverage Report | Improvement | Fixed | Resolved | 
| 1.3.2, 1.4 | FILEUPLOAD-272 |  | Performance Improvement in MultipartStream | Improvement | Fixed | Closed | 
| 1.4 | FILEUPLOAD-243 |  | Make some MultipartStream private fields final | Improvement | Fixed | Resolved | 
| 1.4 | FILEUPLOAD-237 |  | Update Documenation for Streaming | Improvement | Fixed | Resolved | 
| Nightly Builds, 1.4 | FILEUPLOAD-288 |  | Linux dentry cache memory leak due to inappropriate temporary file detection | Improvement | Fixed | Resolved | 
| Nightly Builds | FILEUPLOAD-177 |  | FAQ update to clarify 'struts' -> 'struts 1' | Task | Fixed | Closed | 
| 1.3.1 | FILEUPLOAD-208 |  | CLONE - [fileupload] Use the ServletRequest encoding as default | Improvement | Fixed | Closed | 
| 1.3 | FILEUPLOAD-232 |  | There are no unit tests for the new utils.mime classes | Bug | Fixed | Closed | 
| 1.3 | FILEUPLOAD-229 |  | toLowerCase() is Locale-dependent; should use toLowerCase(Locale.ENGLISH) instead | Bug | Fixed | Closed | 
| 1.3 | FILEUPLOAD-228 |  | (Servlet|Portlet)RequestContext#contentLength() must return request.getContentLength() if Content-length header is not available | Bug | Fixed | Closed | 
| 1.3 | FILEUPLOAD-212 |  | Insecure request size checking | Bug | Fixed | Closed | 
| 1.3 | FILEUPLOAD-204 |  | FileItem.getHeaders() returns always null. | Bug | Fixed | Closed | 
| 1.3 | FILEUPLOAD-202 |  | org.apache.commons.fileupload.FileUploadBase$IOFileUploadException: Processing of multipart/form-data request failed. Stream ended unexpectedly | Bug | Fixed | Closed | 
| 1.3 | FILEUPLOAD-199 |  | Uploads have unexpected results for files with non-ASCII names - support RFC2047 | Bug | Fixed | Closed | 
| 1.3 | FILEUPLOAD-195 |  | Error reading the file size larger than 2 gb | Bug | Fixed | Closed | 
| 1.3 | FILEUPLOAD-189 |  | DiskFileItemFactory use of FileCleaningTracker is documented or coded wrong | Bug | Fixed | Closed | 
| 1.3 | FILEUPLOAD-186 |  | http://commons.apache.org/fileupload/index.html should not mention nightly builds | Bug | Fixed | Closed | 
| 1.3 | FILEUPLOAD-185 |  | http://commons.apache.org/fileupload/index.html is out of date | Bug | Fixed | Closed | 
| 1.3 | FILEUPLOAD-183 |  | commons-io dependency does not get loaded by maven if only dependency to commons-fileupload is specified | Bug | Fixed | Closed | 
| 1.3 | FILEUPLOAD-173 |  | Manifest for OSGi has invalid syntax | Bug | Fixed | Closed | 
| 1.3 | FILEUPLOAD-143 |  | "Stream ended unexpectedly" when posting from a Flash client | Bug | Fixed | Closed | 
| 1.3 | FILEUPLOAD-227 |  | Private immutable fields which could be final | Improvement | Fixed | Closed | 
| 1.3 | FILEUPLOAD-226 |  | DiskFileItem.counter could be converted to AtomicInteger (or AtomicLong?) | Improvement | Fixed | Closed | 
| 1.3 | FILEUPLOAD-225 |  | Replace java.rmi.server.UID() with java.util.UUID | Improvement | Fixed | Closed | 
| 1.3 | FILEUPLOAD-224 |  | Avoid string concatenations while parsing headers, use buffers instead | Improvement | Fixed | Closed | 
| 1.3 | FILEUPLOAD-223 |  | Update commons-io dependency to latest version that supports JDK1.5 | Improvement | Fixed | Closed | 
| 1.3 | FILEUPLOAD-210 |  | Process HTTP Requests Into Maps | Improvement | Fixed | Closed | 
| 1.3 | FILEUPLOAD-209 |  | Add Support for Generic Types | Improvement | Fixed | Closed | 
| 1.3 | FILEUPLOAD-207 |  | enhance file read/write performance | Improvement | Fixed | Closed | 
| 1.3 | FILEUPLOAD-182 |  | Documentation: add simple HTML form example to fileupload user guide | Improvement | Fixed | Closed | 
| 1.3 | FILEUPLOAD-215 |  | version 1.3 improvement tasks | Task | Fixed | Closed | 
| 1.3 | FILEUPLOAD-201 |  | Update to JDK 1.5 and bump IO dependency to 2.0.1 | Task | Fixed | Closed | 
| 1.2.2 | FILEUPLOAD-160 |  | disk leak if multipart parse error | Bug | Fixed | Closed | 
| 1.2.2 | FILEUPLOAD-158 |  | MultipartStream javadoc example cannot be compiled | Bug | Fixed | Closed | 
| 1.2.2 | FILEUPLOAD-157 |  | The ProgressListener isn't always notified about the total number of Items found in a MultipartStream. | Bug | Fixed | Closed | 
| 1.2.2 | FILEUPLOAD-156 |  | MultipartStream constructor requires package access to avoid deprecation warnings | Bug | Fixed | Closed | 
| 1.2.2 | FILEUPLOAD-152 |  | Unit incompatibility betweenFileUpload.setFileSizeMax and FileUploadBase$FileItemIteratorImpl | Bug | Fixed | Closed | 
| 1.2.2 | FILEUPLOAD-155 |  | Fix documentation on resource clean up in conjunction with DiskFileItemFactory | Improvement | Fixed | Closed |