You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@felix.apache.org by "Carsten Ziegeler (Jira)" <ji...@apache.org> on 2020/11/25 06:09:00 UTC

[jira] [Resolved] (FELIX-6364) Security vulnerability CVE-2020-27216 ,update jetty

     [ https://issues.apache.org/jira/browse/FELIX-6364?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Carsten Ziegeler resolved FELIX-6364.
-------------------------------------
    Resolution: Fixed

Thanks for the PR, I've applied it

> Security vulnerability CVE-2020-27216 ,update jetty
> ---------------------------------------------------
>
>                 Key: FELIX-6364
>                 URL: https://issues.apache.org/jira/browse/FELIX-6364
>             Project: Felix
>          Issue Type: Bug
>          Components: HTTP Service
>    Affects Versions: http.jetty-4.1.2
>            Reporter: Abhishek Garg
>            Assignee: Carsten Ziegeler
>            Priority: Major
>              Labels: Jetty, security, vulnerability
>             Fix For: http.jetty-4.1.4
>
>         Attachments: CVE-2020-27216.docx
>
>
> Security vulnerability CVE-2020-27216, update jetty to latest version of 9.4.x.
> latest version of jetty(9.4.x) is [https://mvnrepository.com/artifact/org.eclipse.jetty/jetty-webapp/9.4.35.v20201120]



--
This message was sent by Atlassian Jira
(v8.3.4#803005)