You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@zeppelin.apache.org by pr...@apache.org on 2018/08/08 07:11:12 UTC
zeppelin git commit: Update org.eclipse.jetty version to
9.4.11.v20180605 to avoid CVE issues
Repository: zeppelin
Updated Branches:
refs/heads/master cbf222848 -> 8e5013c6a
Update org.eclipse.jetty version to 9.4.11.v20180605 to avoid CVE issues
Update org.eclipse.jetty version to 9.4.11.v20180605 to avoid CVE issues.
See https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00123.html for reported issues.
[Improvement]
* [ZEPPELIN-3686](https://issues.apache.org/jira/browse/ZEPPELIN-3686)
* CI should be green
* Does the licenses files need update? N/A
* Is there breaking changes for older versions? N/A
* Does this needs documentation? N/A
Author: Prabhjyot Singh <pr...@gmail.com>
Closes #3114 from prabhjyotsingh/ZEPPELIN-3686 and squashes the following commits:
4939a750d [Prabhjyot Singh] fix test failure
99cc6706f [Prabhjyot Singh] ZEPPELIN-3686: Update org.eclipse.jetty version to 9.4.11.v20180605 to avoid CVE issues
Change-Id: Iffdd81a14e0c15277e024934ab5a0da0c769d10a
Project: http://git-wip-us.apache.org/repos/asf/zeppelin/repo
Commit: http://git-wip-us.apache.org/repos/asf/zeppelin/commit/8e5013c6
Tree: http://git-wip-us.apache.org/repos/asf/zeppelin/tree/8e5013c6
Diff: http://git-wip-us.apache.org/repos/asf/zeppelin/diff/8e5013c6
Branch: refs/heads/master
Commit: 8e5013c6a87cebe0cf3a5168014371c2e4b8b616
Parents: cbf2228
Author: Prabhjyot Singh <pr...@gmail.com>
Authored: Tue Aug 7 13:52:23 2018 +0530
Committer: Prabhjyot Singh <pr...@gmail.com>
Committed: Wed Aug 8 12:40:57 2018 +0530
----------------------------------------------------------------------
pom.xml | 2 +-
zeppelin-plugins/notebookrepo/zeppelin-hub/pom.xml | 1 -
.../zeppelin/configuration/RequestHeaderSizeTest.java | 10 +++++-----
3 files changed, 6 insertions(+), 7 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/zeppelin/blob/8e5013c6/pom.xml
----------------------------------------------------------------------
diff --git a/pom.xml b/pom.xml
index 1f5e243..99bc19b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -108,7 +108,7 @@
<libthrift.version>0.9.3</libthrift.version>
<gson.version>2.2</gson.version>
<gson-extras.version>0.2.1</gson-extras.version>
- <jetty.version>9.2.15.v20160210</jetty.version>
+ <jetty.version>9.4.11.v20180605</jetty.version>
<httpcomponents.core.version>4.4.1</httpcomponents.core.version>
<httpcomponents.client.version>4.5.1</httpcomponents.client.version>
<httpcomponents.asyncclient.version>4.0.2</httpcomponents.asyncclient.version>
http://git-wip-us.apache.org/repos/asf/zeppelin/blob/8e5013c6/zeppelin-plugins/notebookrepo/zeppelin-hub/pom.xml
----------------------------------------------------------------------
diff --git a/zeppelin-plugins/notebookrepo/zeppelin-hub/pom.xml b/zeppelin-plugins/notebookrepo/zeppelin-hub/pom.xml
index cbfacec..6135612 100644
--- a/zeppelin-plugins/notebookrepo/zeppelin-hub/pom.xml
+++ b/zeppelin-plugins/notebookrepo/zeppelin-hub/pom.xml
@@ -37,7 +37,6 @@
<description>NotebookRepo implementation based on Zeppelin Hub</description>
<properties>
- <jetty.version>9.2.15.v20160210</jetty.version>
<google.truth.version>0.27</google.truth.version>
<plugin.name>NotebookRepo/ZeppelinHubRepo</plugin.name>
</properties>
http://git-wip-us.apache.org/repos/asf/zeppelin/blob/8e5013c6/zeppelin-server/src/test/java/org/apache/zeppelin/configuration/RequestHeaderSizeTest.java
----------------------------------------------------------------------
diff --git a/zeppelin-server/src/test/java/org/apache/zeppelin/configuration/RequestHeaderSizeTest.java b/zeppelin-server/src/test/java/org/apache/zeppelin/configuration/RequestHeaderSizeTest.java
index 307dacb..de21aa8 100644
--- a/zeppelin-server/src/test/java/org/apache/zeppelin/configuration/RequestHeaderSizeTest.java
+++ b/zeppelin-server/src/test/java/org/apache/zeppelin/configuration/RequestHeaderSizeTest.java
@@ -20,9 +20,9 @@ import static org.hamcrest.CoreMatchers.is;
import static org.hamcrest.MatcherAssert.assertThat;
import org.apache.commons.httpclient.HttpClient;
-import org.apache.commons.httpclient.HttpStatus;
import org.apache.commons.httpclient.methods.GetMethod;
import org.apache.commons.lang.RandomStringUtils;
+import org.eclipse.jetty.http.HttpStatus;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
@@ -46,20 +46,20 @@ public class RequestHeaderSizeTest extends AbstractTestRestApi {
}
@Test
- public void increased_request_header_size_do_not_cause_413_when_request_size_is_over_8K()
- throws Exception {
+ public void increased_request_header_size_do_not_cause_431_when_request_size_is_over_8K()
+ throws Exception {
HttpClient httpClient = new HttpClient();
GetMethod getMethod = new GetMethod(getUrlToTest() + "/version");
String headerValue = RandomStringUtils.randomAlphanumeric(REQUEST_HEADER_MAX_SIZE - 2000);
getMethod.setRequestHeader("not_too_large_header", headerValue);
int httpCode = httpClient.executeMethod(getMethod);
- assertThat(httpCode, is(HttpStatus.SC_OK));
+ assertThat(httpCode, is(HttpStatus.OK_200));
getMethod = new GetMethod(getUrlToTest() + "/version");
headerValue = RandomStringUtils.randomAlphanumeric(REQUEST_HEADER_MAX_SIZE + 2000);
getMethod.setRequestHeader("too_large_header", headerValue);
httpCode = httpClient.executeMethod(getMethod);
- assertThat(httpCode, is(HttpStatus.SC_REQUEST_TOO_LONG));
+ assertThat(httpCode, is(HttpStatus.REQUEST_HEADER_FIELDS_TOO_LARGE_431));
}
}