You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@felix.apache.org by "Jean-Baptiste Onofré (Jira)" <ji...@apache.org> on 2021/05/04 06:35:00 UTC
[jira] [Commented] (FELIX-6405) Update Jetty version to 9.4.40
[ https://issues.apache.org/jira/browse/FELIX-6405?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17338777#comment-17338777 ]
Jean-Baptiste Onofré commented on FELIX-6405:
---------------------------------------------
Actually, we should directly upgrade to 9.4.40 as 9.4.39 contains an issue.
> Update Jetty version to 9.4.40
> ------------------------------
>
> Key: FELIX-6405
> URL: https://issues.apache.org/jira/browse/FELIX-6405
> Project: Felix
> Issue Type: Improvement
> Components: HTTP Service
> Reporter: Ankita Agarwal
> Assignee: Carsten Ziegeler
> Priority: Major
> Fix For: http.jetty-4.1.8
>
>
> Jetty version is vulnerable according to CVE-2021-28165. We should update the jetty version to the latest release 9.4.39
--
This message was sent by Atlassian Jira
(v8.3.4#803005)