[jira] [Comment Edited] (SOLR-16332) Upgrade Jetty to latest 9.4.x

["Chris M. Hostetter (Jira)" <ji...@apache.org>]

    [ https://issues.apache.org/jira/browse/SOLR-16332?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17580493#comment-17580493 ] 

Chris M. Hostetter edited comment on SOLR-16332 at 8/16/22 10:31 PM:
---------------------------------------------------------------------

Is there any reason not to go ahead and commit this?

Upgrading to the latest jetty 9.4 in the main branch shouldn't make it any harder to upgrade to jetty10 later (which may or may not happen any time soon)


was (Author: hossman):
Is there any reason not to go ahead and commit this?

Upgrading to the latest jetty 9.4 in the main branch shouldn't make it any harder to upgrade to jetty10 (which may or may not happen any time soon)

> Upgrade Jetty to latest 9.4.x
> -----------------------------
>
>                 Key: SOLR-16332
>                 URL: https://issues.apache.org/jira/browse/SOLR-16332
>             Project: Solr
>          Issue Type: Bug
>      Security Level: Public(Default Security Level. Issues are Public) 
>    Affects Versions: 9.0, 8.11.2
>            Reporter: Chris Sabelstrom
>            Assignee: Jan Høydahl
>            Priority: Major
>         Attachments: image-2022-08-09-09-39-43-134.png
>
>          Time Spent: 0.5h
>  Remaining Estimate: 0h
>
> Fixes Vulnerability CVE-2022-2048 and other known Jetty bugs.
>  
> *User report:*
> A security scanner detected the following vulnerability. Please upgrade to version noted in Status column. Please fix this for 8.11 as well as 9.0
> !image-2022-08-09-09-39-43-134.png!



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org
For additional commands, e-mail: issues-help@solr.apache.org