You are viewing a plain text version of this content. The canonical link for it is here.

Posted to jira@kafka.apache.org by "Luke Chen (Jira)" <ji...@apache.org> on 2023/05/15 07:42:00 UTC

[jira] [Resolved] (KAFKA-14983) Upgrade jetty-server to 9.4.51

     [ https://issues.apache.org/jira/browse/KAFKA-14983?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Luke Chen resolved KAFKA-14983.
-------------------------------
    Resolution: Fixed

> Upgrade jetty-server to 9.4.51
> ------------------------------
>
>                 Key: KAFKA-14983
>                 URL: https://issues.apache.org/jira/browse/KAFKA-14983
>             Project: Kafka
>          Issue Type: Task
>    Affects Versions: 3.4.0
>            Reporter: Beltran
>            Priority: Minor
>             Fix For: 3.5.0, 3.4.1
>
>
> Kafka latest versions e.g. 3.4.0 includes jetty-server-9.4.48.v20220622.jar that includes 2 vulnerabilities: CVE-2023-26048 and CVE-2023-26049. Upgrading them to 9.4.51 would fix those issues.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)