kamaci opened a new pull request #8385: Jetty version is updated. URL: https://github.com/apache/incubator-druid/pull/8385 Fixes #8384. ### Description Jetty version should be upgraded to version 9.4.17.v20190418 or later due to it has these vulnerabilities: https://nvd.nist.gov/vuln/detail/CVE-2019-10241 https://nvd.nist.gov/vuln/detail/CVE-2019-10247 https://nvd.nist.gov/vuln/detail/CVE-2019-10246 https://nvd.nist.gov/vuln/detail/CVE-2018-12545 https://nvd.nist.gov/vuln/detail/CVE-2017-7658 https://nvd.nist.gov/vuln/detail/CVE-2017-7656 https://nvd.nist.gov/vuln/detail/CVE-2018-12536 https://nvd.nist.gov/vuln/detail/CVE-2018-12538 Jetty version is upgraded to 9.4.20.v20190813 <hr> This PR has: - [X] been self-reviewed. - [ ] added documentation for new or modified features or behaviors. - [ ] added Javadocs for most classes and all non-trivial methods. Linked related entities via Javadoc links. - [X] added or updated version, license, or notice information in [licenses.yaml](https://github.com/apache/incubator-druid/blob/master/licenses.yaml) - [ ] added comments explaining the "why" and the intent of the code wherever would not be obvious for an unfamiliar reader. - [ ] added unit tests or modified existing tests to cover new code paths. - [ ] added integration tests. - [ ] been tested in a test Druid cluster. <hr>
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
