You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@kafka.apache.org by ma...@apache.org on 2020/11/09 17:11:47 UTC

[kafka] branch 2.4 updated: MINOR: Update jetty to 9.4.33

This is an automated email from the ASF dual-hosted git repository.

manikumar pushed a commit to branch 2.4
in repository https://gitbox.apache.org/repos/asf/kafka.git


The following commit(s) were added to refs/heads/2.4 by this push:
     new 012cea2  MINOR: Update jetty to 9.4.33
012cea2 is described below

commit 012cea2f1b56f2d381b03ee6524c0825bd07dc5f
Author: Nitesh Mor <nm...@confluent.io>
AuthorDate: Tue Nov 3 15:20:57 2020 -0800

    MINOR: Update jetty to 9.4.33
    
    Jetty 9.4.32 and before are affected by CVE-2020-27216. This vulnerability
    is fixed in Jetty 9.4.33, please see the following for details:
    https://github.com/eclipse/jetty.project/security/advisories/GHSA-g3wg-6mcf-8jj6#advisory-comment-63053
---
 gradle/dependencies.gradle | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gradle/dependencies.gradle b/gradle/dependencies.gradle
index 062dd54..0e7f2c6 100644
--- a/gradle/dependencies.gradle
+++ b/gradle/dependencies.gradle
@@ -73,8 +73,8 @@ versions += [
   easymock: "4.0.2",
   jackson: "2.10.0",
   jacoco: "0.8.3",
-  jetty: "9.4.20.v20190813",
-  jersey: "2.28",
+  jetty: "9.4.33.v20201020",
+  jersey: "2.31",
   jmh: "1.21",
   hamcrest: "2.1",
   log4j: "1.2.17",