You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@felix.apache.org by "Jean-Baptiste Onofré (Jira)" <ji...@apache.org> on 2021/05/04 06:35:00 UTC

[jira] [Commented] (FELIX-6405) Update Jetty version to 9.4.40

    [ https://issues.apache.org/jira/browse/FELIX-6405?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17338777#comment-17338777 ] 

Jean-Baptiste Onofré commented on FELIX-6405:
---------------------------------------------

Actually, we should directly upgrade to 9.4.40 as 9.4.39 contains an issue.

> Update Jetty version to 9.4.40
> ------------------------------
>
>                 Key: FELIX-6405
>                 URL: https://issues.apache.org/jira/browse/FELIX-6405
>             Project: Felix
>          Issue Type: Improvement
>          Components: HTTP Service
>            Reporter: Ankita Agarwal
>            Assignee: Carsten Ziegeler
>            Priority: Major
>             Fix For: http.jetty-4.1.8
>
>
> Jetty version is vulnerable according to CVE-2021-28165. We should update the jetty version to the latest release 9.4.39



--
This message was sent by Atlassian Jira
(v8.3.4#803005)