This is an automated email from the ASF dual-hosted git repository. chenhang pushed a commit to branch branch-4.14 in repository https://gitbox.apache.org/repos/asf/bookkeeper.git
commit f90963f8de72eddaf4213cede6f67c016301666f Author: Hang Chen <[email protected]> AuthorDate: Thu May 4 11:43:17 2023 +0800 Upgrade jetty version to 9.4.51.v20230217 (#3937) Detailed paths Introduced through: org.apache.bookkeeper:[email protected] › org.apache.bookkeeper.stats:[email protected] › org.eclipse.jetty:[email protected] › org.eclipse.jetty:[email protected] › org.eclipse.jetty:[email protected] Fix: No remediation path available. Upgrade jetty version to 9.4.51.v20230217 to resolve this CVE. (cherry picked from commit fffcca08bd1829b968b66439029b8e4f57f1e49e)
---
 bookkeeper-dist/src/main/resources/LICENSE-all.bin.txt | 14 +++++++------- .../src/main/resources/LICENSE-server.bin.txt | 14 +++++++------- bookkeeper-dist/src/main/resources/NOTICE-all.bin.txt | 16 ++++++++-------- bookkeeper-dist/src/main/resources/NOTICE-server.bin.txt | 16 ++++++++-------- pom.xml | 2 +- 5 files changed, 31 insertions(+), 31 deletions(-)
diff --git a/bookkeeper-dist/src/main/resources/LICENSE-all.bin.txt b/bookkeeper-dist/src/main/resources/LICENSE-all.bin.txt
index 45d8a799c7..c1ea0250ac 100644
--- a/bookkeeper-dist/src/main/resources/LICENSE-all.bin.txt
+++ b/bookkeeper-dist/src/main/resources/LICENSE-all.bin.txt
@@ -250,13 +250,13 @@ Apache Software License, Version 2.
 - lib/org.apache.zookeeper-zookeeper-3.6.2.jar [21]
 - lib/org.apache.zookeeper-zookeeper-jute-3.6.2.jar [21]
 - lib/org.apache.zookeeper-zookeeper-3.6.2-tests.jar [21]
-- lib/org.eclipse.jetty-jetty-http-9.4.48.v20220622.jar [22]
-- lib/org.eclipse.jetty-jetty-io-9.4.48.v20220622.jar [22]
-- lib/org.eclipse.jetty-jetty-security-9.4.48.v20220622.jar [22]
-- lib/org.eclipse.jetty-jetty-server-9.4.48.v20220622.jar [22]
-- lib/org.eclipse.jetty-jetty-servlet-9.4.48.v20220622.jar [22]
-- lib/org.eclipse.jetty-jetty-util-9.4.48.v20220622.jar [22]
-- lib/org.eclipse.jetty-jetty-util-ajax-9.4.48.v20220622.jar [22]
+- lib/org.eclipse.jetty-jetty-http-9.4.51.v20230217.jar [22]
+- lib/org.eclipse.jetty-jetty-io-9.4.51.v20230217.jar [22]
+- lib/org.eclipse.jetty-jetty-security-9.4.51.v20230217.jar [22]
+- lib/org.eclipse.jetty-jetty-server-9.4.51.v20230217.jar [22]
+- lib/org.eclipse.jetty-jetty-servlet-9.4.51.v20230217.jar [22]
+- lib/org.eclipse.jetty-jetty-util-9.4.51.v20230217.jar [22]
+- lib/org.eclipse.jetty-jetty-util-ajax-9.4.51.v20230217.jar [22]
 - lib/org.rocksdb-rocksdbjni-6.29.4.1.jar [23]
 - lib/com.beust-jcommander-1.82.jar [24]
 - lib/com.yahoo.datasketches-memory-0.8.3.jar [25]
diff --git a/bookkeeper-dist/src/main/resources/LICENSE-server.bin.txt b/bookkeeper-dist/src/main/resources/LICENSE-server.bin.txt
index 702e27a2f1..e5c98c57a1 100644
--- a/bookkeeper-dist/src/main/resources/LICENSE-server.bin.txt
+++ b/bookkeeper-dist/src/main/resources/LICENSE-server.bin.txt
@@ -250,13 +250,13 @@ Apache Software License, Version 2.
 - lib/org.apache.zookeeper-zookeeper-3.6.2.jar [21]
 - lib/org.apache.zookeeper-zookeeper-jute-3.6.2.jar [21]
 - lib/org.apache.zookeeper-zookeeper-3.6.2-tests.jar [21]
-- lib/org.eclipse.jetty-jetty-http-9.4.48.v20220622.jar [22]
-- lib/org.eclipse.jetty-jetty-io-9.4.48.v20220622.jar [22]
-- lib/org.eclipse.jetty-jetty-security-9.4.48.v20220622.jar [22]
-- lib/org.eclipse.jetty-jetty-server-9.4.48.v20220622.jar [22]
-- lib/org.eclipse.jetty-jetty-servlet-9.4.48.v20220622.jar [22]
-- lib/org.eclipse.jetty-jetty-util-9.4.48.v20220622.jar [22]
-- lib/org.eclipse.jetty-jetty-util-ajax-9.4.48.v20220622.jar [22]
+- lib/org.eclipse.jetty-jetty-http-9.4.51.v20230217.jar [22]
+- lib/org.eclipse.jetty-jetty-io-9.4.51.v20230217.jar [22]
+- lib/org.eclipse.jetty-jetty-security-9.4.51.v20230217.jar [22]
+- lib/org.eclipse.jetty-jetty-server-9.4.51.v20230217.jar [22]
+- lib/org.eclipse.jetty-jetty-servlet-9.4.51.v20230217.jar [22]
+- lib/org.eclipse.jetty-jetty-util-9.4.51.v20230217.jar [22]
+- lib/org.eclipse.jetty-jetty-util-ajax-9.4.51.v20230217.jar [22]
 - lib/org.rocksdb-rocksdbjni-6.29.4.1.jar [23]
 - lib/com.beust-jcommander-1.82.jar [24]
 - lib/com.yahoo.datasketches-memory-0.8.3.jar [25]
diff --git a/bookkeeper-dist/src/main/resources/NOTICE-all.bin.txt b/bookkeeper-dist/src/main/resources/NOTICE-all.bin.txt
index 2350e7af8d..93a66f1192 100644
--- a/bookkeeper-dist/src/main/resources/NOTICE-all.bin.txt
+++ b/bookkeeper-dist/src/main/resources/NOTICE-all.bin.txt
@@ -80,13 +80,13 @@ SoundCloud Ltd. (http://soundcloud.com/). This product includes software developed as part of the Ocelli project by Netflix Inc. (https://github.com/Netflix/ocelli/). ------------------------------------------------------------------------------------ -- lib/org.eclipse.jetty-jetty-http-9.4.48.v20220622.jar -- lib/org.eclipse.jetty-jetty-io-9.4.48.v20220622.jar -- lib/org.eclipse.jetty-jetty-security-9.4.48.v20220622jar -- lib/org.eclipse.jetty-jetty-server-9.4.48.v20220622.jar -- lib/org.eclipse.jetty-jetty-servlet-9.4.48.v20220622.jar -- lib/org.eclipse.jetty-jetty-util-9.4.48.v20220622.jar -- lib/org.eclipse.jetty-jetty-util-ajax-9.4.48.v20220622.jar +- lib/org.eclipse.jetty-jetty-http-9.4.51.v20230217.jar +- lib/org.eclipse.jetty-jetty-io-9.4.51.v20230217.jar +- lib/org.eclipse.jetty-jetty-security-9.4.51.v20230217.jar +- lib/org.eclipse.jetty-jetty-server-9.4.51.v20230217.jar +- lib/org.eclipse.jetty-jetty-servlet-9.4.51.v20230217.jar +- lib/org.eclipse.jetty-jetty-util-9.4.51.v20230217.jar +- lib/org.eclipse.jetty-jetty-util-ajax-9.4.51.v20230217.jar ============================================================== Jetty Web Container @@ -108,7 +108,7 @@ Jetty is dual licensed under both Jetty may be distributed under either license. -lib/org.eclipse.jetty-jetty-util-9.4.48.v20220622.jar bundles UnixCrypt +lib/org.eclipse.jetty-jetty-util-9.4.51.v20230217.jar bundles UnixCrypt The UnixCrypt.java code implements the one way cryptography used by Unix systems for simple password protection. Copyright 1996 Aki Yoshida, diff --git a/bookkeeper-dist/src/main/resources/NOTICE-server.bin.txt b/bookkeeper-dist/src/main/resources/NOTICE-server.bin.txt index 92396a7e8c..88b04c4cbf 100644 --- a/bookkeeper-dist/src/main/resources/NOTICE-server.bin.txt +++ b/bookkeeper-dist/src/main/resources/NOTICE-server.bin.txt 
@@ -63,13 +63,13 @@ SoundCloud Ltd. (http://soundcloud.com/). This product includes software developed as part of the Ocelli project by Netflix Inc. (https://github.com/Netflix/ocelli/). ------------------------------------------------------------------------------------ -- lib/org.eclipse.jetty-jetty-http-9.4.48.v20220622.jar -- lib/org.eclipse.jetty-jetty-io-9.4.48.v20220622.jar -- lib/org.eclipse.jetty-jetty-security-9.4.48.v20220622.jar -- lib/org.eclipse.jetty-jetty-server-9.4.48.v20220622.jar -- lib/org.eclipse.jetty-jetty-servlet-9.4.48.v20220622.jar -- lib/org.eclipse.jetty-jetty-util-9.4.48.v20220622.jar -- lib/org.eclipse.jetty-jetty-util-ajax-9.4.48.v20220622.jar +- lib/org.eclipse.jetty-jetty-http-9.4.51.v20230217.jar +- lib/org.eclipse.jetty-jetty-io-9.4.51.v20230217.jar +- lib/org.eclipse.jetty-jetty-security-9.4.51.v20230217.jar +- lib/org.eclipse.jetty-jetty-server-9.4.51.v20230217.jar +- lib/org.eclipse.jetty-jetty-servlet-9.4.51.v20230217.jar +- lib/org.eclipse.jetty-jetty-util-9.4.51.v20230217.jar +- lib/org.eclipse.jetty-jetty-util-ajax-9.4.51.v20230217.jar ============================================================== Jetty Web Container @@ -91,7 +91,7 @@ Jetty is dual licensed under both Jetty may be distributed under either license. -lib/org.eclipse.jetty-jetty-util-9.4.48.v20220622.jar bundles UnixCrypt +lib/org.eclipse.jetty-jetty-util-9.4.51.v20230217.jar bundles UnixCrypt The UnixCrypt.java code implements the one way cryptography used by Unix systems for simple password protection. Copyright 1996 Aki Yoshida, diff --git a/pom.xml b/pom.xml index a427cc14a7..ac3fbb4cee 100644 --- a/pom.xml +++ b/pom.xml 
@@ -139,7 +139,7 @@
 <hdrhistogram.version>2.1.10</hdrhistogram.version>
 <jackson.version>2.13.4</jackson.version>
 <jcommander.version>1.82</jcommander.version>
- <jetty.version>9.4.48.v20220622</jetty.version>
+ <jetty.version>9.4.51.v20230217</jetty.version>
 <jmh.version>1.19</jmh.version>
 <jmock.version>2.8.2</jmock.version>
 <jna.version>3.2.7</jna.version>
