You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@zookeeper.apache.org by dd...@apache.org on 2021/09/01 16:52:47 UTC
[zookeeper] branch branch-3.7 updated: ZOOKEEPER-4337: Bump jetty
to 9.4.43.v20210629 (avoids CVE-2021-34429)
This is an automated email from the ASF dual-hosted git repository.
ddiederen pushed a commit to branch branch-3.7
in repository https://gitbox.apache.org/repos/asf/zookeeper.git
The following commit(s) were added to refs/heads/branch-3.7 by this push:
new 84166e1 ZOOKEEPER-4337: Bump jetty to 9.4.43.v20210629 (avoids CVE-2021-34429)
84166e1 is described below
commit 84166e18906d6e611b64d8128fefddc14d86da14
Author: Damien Diederen <dd...@apache.org>
AuthorDate: Wed Sep 1 16:50:38 2021 +0000
ZOOKEEPER-4337: Bump jetty to 9.4.43.v20210629 (avoids CVE-2021-34429)
Version 9.4.43.v20210629 is the latest available in the 9.4 series at the time of this commit. Its release notes explicitly declare "This release resolves CVE-2021-34429":
https://github.com/eclipse/jetty.project/releases/tag/jetty-9.4.43.v20210629
Author: Damien Diederen <dd...@apache.org>
Reviewers: Norbert Kalmar <nk...@apache.org>, Enrico Olivelli <eo...@apache.org>
Closes #1734 from ztzg/ZOOKEEPER-4337-owasp-failures
(cherry picked from commit 561231f8bfe910e63dbd8c281cb25033a0e7d7a5)
Signed-off-by: Damien Diederen <dd...@apache.org>
---
pom.xml | 2 +-
...39.v20210325.LICENSE.txt => jetty-http-9.4.43.v20210629.LICENSE.txt} | 0
...4.39.v20210325.LICENSE.txt => jetty-io-9.4.43.v20210629.LICENSE.txt} | 0
...20210325.LICENSE.txt => jetty-security-9.4.43.v20210629.LICENSE.txt} | 0
....v20210325.LICENSE.txt => jetty-server-9.4.43.v20210629.LICENSE.txt} | 0
...v20210325.LICENSE.txt => jetty-servlet-9.4.43.v20210629.LICENSE.txt} | 0
...39.v20210325.LICENSE.txt => jetty-util-9.4.43.v20210629.LICENSE.txt} | 0
...0210325.LICENSE.txt => jetty-util-ajax-9.4.43.v20210629.LICENSE.txt} | 0
8 files changed, 1 insertion(+), 1 deletion(-)
diff --git a/pom.xml b/pom.xml
index 71c0db8..3c730cb 100755
--- a/pom.xml
+++ b/pom.xml
@@ -438,7 +438,7 @@
<hamcrest.version>2.2</hamcrest.version>
<commons-cli.version>1.4</commons-cli.version>
<netty.version>4.1.63.Final</netty.version>
- <jetty.version>9.4.39.v20210325</jetty.version>
+ <jetty.version>9.4.43.v20210629</jetty.version>
<jackson.version>2.10.5.1</jackson.version>
<jline.version>2.14.6</jline.version>
<snappy.version>1.1.7.7</snappy.version>
diff --git a/zookeeper-server/src/main/resources/lib/jetty-util-ajax-9.4.39.v20210325.LICENSE.txt b/zookeeper-server/src/main/resources/lib/jetty-http-9.4.43.v20210629.LICENSE.txt
similarity index 100%
rename from zookeeper-server/src/main/resources/lib/jetty-util-ajax-9.4.39.v20210325.LICENSE.txt
rename to zookeeper-server/src/main/resources/lib/jetty-http-9.4.43.v20210629.LICENSE.txt
diff --git a/zookeeper-server/src/main/resources/lib/jetty-util-9.4.39.v20210325.LICENSE.txt b/zookeeper-server/src/main/resources/lib/jetty-io-9.4.43.v20210629.LICENSE.txt
similarity index 100%
rename from zookeeper-server/src/main/resources/lib/jetty-util-9.4.39.v20210325.LICENSE.txt
rename to zookeeper-server/src/main/resources/lib/jetty-io-9.4.43.v20210629.LICENSE.txt
diff --git a/zookeeper-server/src/main/resources/lib/jetty-servlet-9.4.39.v20210325.LICENSE.txt b/zookeeper-server/src/main/resources/lib/jetty-security-9.4.43.v20210629.LICENSE.txt
similarity index 100%
rename from zookeeper-server/src/main/resources/lib/jetty-servlet-9.4.39.v20210325.LICENSE.txt
rename to zookeeper-server/src/main/resources/lib/jetty-security-9.4.43.v20210629.LICENSE.txt
diff --git a/zookeeper-server/src/main/resources/lib/jetty-server-9.4.39.v20210325.LICENSE.txt b/zookeeper-server/src/main/resources/lib/jetty-server-9.4.43.v20210629.LICENSE.txt
similarity index 100%
rename from zookeeper-server/src/main/resources/lib/jetty-server-9.4.39.v20210325.LICENSE.txt
rename to zookeeper-server/src/main/resources/lib/jetty-server-9.4.43.v20210629.LICENSE.txt
diff --git a/zookeeper-server/src/main/resources/lib/jetty-security-9.4.39.v20210325.LICENSE.txt b/zookeeper-server/src/main/resources/lib/jetty-servlet-9.4.43.v20210629.LICENSE.txt
similarity index 100%
rename from zookeeper-server/src/main/resources/lib/jetty-security-9.4.39.v20210325.LICENSE.txt
rename to zookeeper-server/src/main/resources/lib/jetty-servlet-9.4.43.v20210629.LICENSE.txt
diff --git a/zookeeper-server/src/main/resources/lib/jetty-io-9.4.39.v20210325.LICENSE.txt b/zookeeper-server/src/main/resources/lib/jetty-util-9.4.43.v20210629.LICENSE.txt
similarity index 100%
rename from zookeeper-server/src/main/resources/lib/jetty-io-9.4.39.v20210325.LICENSE.txt
rename to zookeeper-server/src/main/resources/lib/jetty-util-9.4.43.v20210629.LICENSE.txt
diff --git a/zookeeper-server/src/main/resources/lib/jetty-http-9.4.39.v20210325.LICENSE.txt b/zookeeper-server/src/main/resources/lib/jetty-util-ajax-9.4.43.v20210629.LICENSE.txt
similarity index 100%
rename from zookeeper-server/src/main/resources/lib/jetty-http-9.4.39.v20210325.LICENSE.txt
rename to zookeeper-server/src/main/resources/lib/jetty-util-ajax-9.4.43.v20210629.LICENSE.txt