You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@kafka.apache.org by ma...@apache.org on 2020/11/09 16:48:13 UTC
[kafka] branch 2.7 updated: MINOR: Update jetty to 9.4.33
This is an automated email from the ASF dual-hosted git repository.
manikumar pushed a commit to branch 2.7
in repository https://gitbox.apache.org/repos/asf/kafka.git
The following commit(s) were added to refs/heads/2.7 by this push:
new 6ef5fc8 MINOR: Update jetty to 9.4.33
6ef5fc8 is described below
commit 6ef5fc8c0a226f2b1cb8563800291f5f37c07f53
Author: Nitesh Mor <nm...@confluent.io>
AuthorDate: Mon Nov 9 22:14:29 2020 +0530
MINOR: Update jetty to 9.4.33
Jetty 9.4.32 and before are affected by CVE-2020-27216. This vulnerability is fixed in Jetty 9.4.33, please see the jetty project security advisory for details: https://github.com/eclipse/jetty.project/security/advisories/GHSA-g3wg-6mcf-8jj6#advisory-comment-63053
Unit tests and integration tests pass locally after the upgrade.
Author: Nitesh Mor <nm...@confluent.io>
Reviewers: Manikumar Reddy <ma...@gmail.com>
Closes #9556 from niteshmor/trunk
(cherry picked from commit d61dc0c1832935ae680388dcb8c12d1250dece33)
Signed-off-by: Manikumar Reddy <ma...@gmail.com>
---
gradle/dependencies.gradle | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/gradle/dependencies.gradle b/gradle/dependencies.gradle
index 1eacff9..0a28c3a 100644
--- a/gradle/dependencies.gradle
+++ b/gradle/dependencies.gradle
@@ -68,7 +68,7 @@ versions += [
easymock: "4.2",
jackson: "2.10.5",
jacoco: "0.8.5",
- jetty: "9.4.30.v20200611",
+ jetty: "9.4.33.v20201020",
jersey: "2.31",
jmh: "1.23",
hamcrest: "2.2",