You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pulsar.apache.org by lh...@apache.org on 2021/06/14 06:50:10 UTC

[pulsar] branch branch-2.7 updated: Upgrade Jetty to 9.4.42.v20210604 (#10907)

This is an automated email from the ASF dual-hosted git repository.

lhotari pushed a commit to branch branch-2.7
in repository https://gitbox.apache.org/repos/asf/pulsar.git


The following commit(s) were added to refs/heads/branch-2.7 by this push:
     new 15d9a10  Upgrade Jetty to 9.4.42.v20210604 (#10907)
15d9a10 is described below

commit 15d9a10c1727dfd17c2827b1b3e536ae71661575
Author: Lari Hotari <lh...@users.noreply.github.com>
AuthorDate: Fri Jun 11 21:12:26 2021 +0300

    Upgrade Jetty to 9.4.42.v20210604 (#10907)
    
    Fixes #10906
    
    Also addresses CVE-2021-28169
    
    (cherry picked from commit 6c03154ff29868181124a0a1a81e9ea09b22a9b0)
---
 distribution/server/src/assemble/LICENSE.bin.txt | 34 ++++++++++++------------
 pom.xml                                          |  2 +-
 pulsar-sql/presto-distribution/LICENSE           | 14 +++++-----
 3 files changed, 25 insertions(+), 25 deletions(-)

diff --git a/distribution/server/src/assemble/LICENSE.bin.txt b/distribution/server/src/assemble/LICENSE.bin.txt
index 105f3c5..1db072e 100644
--- a/distribution/server/src/assemble/LICENSE.bin.txt
+++ b/distribution/server/src/assemble/LICENSE.bin.txt
@@ -430,23 +430,23 @@ The Apache Software License, Version 2.0
     - org.asynchttpclient-async-http-client-2.12.1.jar
     - org.asynchttpclient-async-http-client-netty-utils-2.12.1.jar
  * Jetty
-    - org.eclipse.jetty-jetty-client-9.4.39.v20210325.jar
-    - org.eclipse.jetty-jetty-continuation-9.4.39.v20210325.jar
-    - org.eclipse.jetty-jetty-http-9.4.39.v20210325.jar
-    - org.eclipse.jetty-jetty-io-9.4.39.v20210325.jar
-    - org.eclipse.jetty-jetty-proxy-9.4.39.v20210325.jar
-    - org.eclipse.jetty-jetty-security-9.4.39.v20210325.jar
-    - org.eclipse.jetty-jetty-server-9.4.39.v20210325.jar
-    - org.eclipse.jetty-jetty-servlet-9.4.39.v20210325.jar
-    - org.eclipse.jetty-jetty-servlets-9.4.39.v20210325.jar
-    - org.eclipse.jetty-jetty-util-9.4.39.v20210325.jar
-    - org.eclipse.jetty-jetty-util-ajax-9.4.39.v20210325.jar
-    - org.eclipse.jetty.websocket-javax-websocket-client-impl-9.4.39.v20210325.jar
-    - org.eclipse.jetty.websocket-websocket-api-9.4.39.v20210325.jar
-    - org.eclipse.jetty.websocket-websocket-client-9.4.39.v20210325.jar
-    - org.eclipse.jetty.websocket-websocket-common-9.4.39.v20210325.jar
-    - org.eclipse.jetty.websocket-websocket-server-9.4.39.v20210325.jar
-    - org.eclipse.jetty.websocket-websocket-servlet-9.4.39.v20210325.jar
+    - org.eclipse.jetty-jetty-client-9.4.42.v20210604.jar
+    - org.eclipse.jetty-jetty-continuation-9.4.42.v20210604.jar
+    - org.eclipse.jetty-jetty-http-9.4.42.v20210604.jar
+    - org.eclipse.jetty-jetty-io-9.4.42.v20210604.jar
+    - org.eclipse.jetty-jetty-proxy-9.4.42.v20210604.jar
+    - org.eclipse.jetty-jetty-security-9.4.42.v20210604.jar
+    - org.eclipse.jetty-jetty-server-9.4.42.v20210604.jar
+    - org.eclipse.jetty-jetty-servlet-9.4.42.v20210604.jar
+    - org.eclipse.jetty-jetty-servlets-9.4.42.v20210604.jar
+    - org.eclipse.jetty-jetty-util-9.4.42.v20210604.jar
+    - org.eclipse.jetty-jetty-util-ajax-9.4.42.v20210604.jar
+    - org.eclipse.jetty.websocket-javax-websocket-client-impl-9.4.42.v20210604.jar
+    - org.eclipse.jetty.websocket-websocket-api-9.4.42.v20210604.jar
+    - org.eclipse.jetty.websocket-websocket-client-9.4.42.v20210604.jar
+    - org.eclipse.jetty.websocket-websocket-common-9.4.42.v20210604.jar
+    - org.eclipse.jetty.websocket-websocket-server-9.4.42.v20210604.jar
+    - org.eclipse.jetty.websocket-websocket-servlet-9.4.42.v20210604.jar
  * SnakeYaml -- org.yaml-snakeyaml-1.26.jar
  * RocksDB - org.rocksdb-rocksdbjni-6.10.2.jar
  * Google Error Prone Annotations - com.google.errorprone-error_prone_annotations-2.3.4.jar
diff --git a/pom.xml b/pom.xml
index 15a378b..28011b4 100644
--- a/pom.xml
+++ b/pom.xml
@@ -102,7 +102,7 @@ flexible messaging model and an intuitive client API.</description>
     <zookeeper.version>3.5.7</zookeeper.version>
     <netty.version>4.1.60.Final</netty.version>
     <netty-tc-native.version>2.0.36.Final</netty-tc-native.version>
-    <jetty.version>9.4.39.v20210325</jetty.version>
+    <jetty.version>9.4.42.v20210604</jetty.version>
     <jersey.version>2.31</jersey.version>
     <athenz.version>1.10.9</athenz.version>
     <prometheus.version>0.5.0</prometheus.version>
diff --git a/pulsar-sql/presto-distribution/LICENSE b/pulsar-sql/presto-distribution/LICENSE
index d627cd9..71f785a 100644
--- a/pulsar-sql/presto-distribution/LICENSE
+++ b/pulsar-sql/presto-distribution/LICENSE
@@ -439,13 +439,13 @@ The Apache Software License, Version 2.0
   * Java Assist
     - javassist-3.25.0-GA.jar
   * Jetty
-    - jetty-http-9.4.39.v20210325.jar
-    - jetty-io-9.4.39.v20210325.jar
-    - jetty-security-9.4.39.v20210325.jar
-    - jetty-server-9.4.39.v20210325.jar
-    - jetty-servlet-9.4.39.v20210325.jar
-    - jetty-util-9.4.39.v20210325.jar
-    - jetty-util-ajax-9.4.39.v20210325.jar
+    - jetty-http-9.4.42.v20210604.jar
+    - jetty-io-9.4.42.v20210604.jar
+    - jetty-security-9.4.42.v20210604.jar
+    - jetty-server-9.4.42.v20210604.jar
+    - jetty-servlet-9.4.42.v20210604.jar
+    - jetty-util-9.4.42.v20210604.jar
+    - jetty-util-ajax-9.4.42.v20210604.jar
   * Java Native Access
     - jna-4.2.0.jar
     - jna-5.3.1.jar