[druid] 02/02: Bump jetty to latest version (#10563)

[ji...@apache.org]

This is an automated email from the ASF dual-hosted git repository.

jihoonson pushed a commit to branch 0.20.1
in repository https://gitbox.apache.org/repos/asf/druid.git

commit 1c4852647212b3a4f9480f0fe2b0c16de3509ecd
Author: Suneet Saldanha <su...@apache.org>
AuthorDate: Mon Nov 9 08:51:36 2020 -0800

    Bump jetty to latest version (#10563)
    
    This addresses CVE-2020-27216 which was flagged by the security vulnerability
    job.
---
 licenses.yaml | 2 +-
 pom.xml       | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/licenses.yaml b/licenses.yaml
index b603e3f..c5e3b34 100644
--- a/licenses.yaml
+++ b/licenses.yaml
@@ -1691,7 +1691,7 @@ name: Jetty
 license_category: binary
 module: java-core
 license_name: Apache License version 2.0
-version: 9.4.30.v20200611
+version: 9.4.34.v20201102
 libraries:
   - org.eclipse.jetty: jetty-client
   - org.eclipse.jetty: jetty-continuation
diff --git a/pom.xml b/pom.xml
index 070a56a..9abe9e5 100644
--- a/pom.xml
+++ b/pom.xml
@@ -91,7 +91,7 @@
         <guava.version>16.0.1</guava.version>
         <guice.version>4.1.0</guice.version>
         <hamcrest.version>1.3</hamcrest.version>
-        <jetty.version>9.4.30.v20200611</jetty.version>
+        <jetty.version>9.4.34.v20201102</jetty.version>
         <jersey.version>1.19.3</jersey.version>
         <jackson.version>2.10.2</jackson.version>
         <jackson.databind.version>2.10.5.1</jackson.databind.version>


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@druid.apache.org
For additional commands, e-mail: commits-help@druid.apache.org