This is an automated email from the ASF dual-hosted git repository.
bowenliang pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/kyuubi.git
The following commit(s) were added to refs/heads/master by this push:
new 85dd5a52ef [KYUUBI #6742] Bump Jetty from 9.4.54 to 9.4.56
85dd5a52ef is described below
commit 85dd5a52efa790195ed46b713c53938ffd31c5d9
Author: Bowen Liang <[email protected]>
AuthorDate: Thu Oct 17 21:33:03 2024 +0800
[KYUUBI #6742] Bump Jetty from 9.4.54 to 9.4.56
# :mag: Description
## Issue References ๐
This pull request fixes #
## Describe Your Solution ๐ง
- to fix CVE-2024-8184 reported in
https://github.com/apache/kyuubi/security/dependabot/75
## Types of changes :bookmark:
- [ ] Bugfix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [ ] Breaking change (fix or feature that would cause existing
functionality to change)
## Test Plan ๐งช
#### Behavior Without This Pull Request :coffin:
#### Behavior With This Pull Request :tada:
#### Related Unit Tests
---
# Checklist ๐
- [ ] This patch was not authored or co-authored using [Generative
Tooling](https://www.apache.org/legal/generative-tooling.html)
**Be nice. Be informative.**
Closes #6742 from bowenliang123/jetty-9.4.56.
Closes #6742
1e8fee555 [Bowen Liang] update
96db527d6 [Bowen Liang] bumpu jetty to 9.4.56
Authored-by: Bowen Liang <[email protected]>
Signed-off-by: Bowen Liang <[email protected]>
---
dev/dependencyList | 18 +++++++++---------
pom.xml | 2 +-
2 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/dev/dependencyList b/dev/dependencyList
index 0f7cd9871f..0aaaa1f9c1 100644
--- a/dev/dependencyList
+++ b/dev/dependencyList
@@ -86,15 +86,15 @@ jetcd-api/0.7.7//jetcd-api-0.7.7.jar
jetcd-common/0.7.7//jetcd-common-0.7.7.jar
jetcd-core/0.7.7//jetcd-core-0.7.7.jar
jetcd-grpc/0.7.7//jetcd-grpc-0.7.7.jar
-jetty-client/9.4.54.v20240208//jetty-client-9.4.54.v20240208.jar
-jetty-http/9.4.54.v20240208//jetty-http-9.4.54.v20240208.jar
-jetty-io/9.4.54.v20240208//jetty-io-9.4.54.v20240208.jar
-jetty-proxy/9.4.54.v20240208//jetty-proxy-9.4.54.v20240208.jar
-jetty-security/9.4.54.v20240208//jetty-security-9.4.54.v20240208.jar
-jetty-server/9.4.54.v20240208//jetty-server-9.4.54.v20240208.jar
-jetty-servlet/9.4.54.v20240208//jetty-servlet-9.4.54.v20240208.jar
-jetty-util-ajax/9.4.54.v20240208//jetty-util-ajax-9.4.54.v20240208.jar
-jetty-util/9.4.54.v20240208//jetty-util-9.4.54.v20240208.jar
+jetty-client/9.4.56.v20240826//jetty-client-9.4.56.v20240826.jar
+jetty-http/9.4.56.v20240826//jetty-http-9.4.56.v20240826.jar
+jetty-io/9.4.56.v20240826//jetty-io-9.4.56.v20240826.jar
+jetty-proxy/9.4.56.v20240826//jetty-proxy-9.4.56.v20240826.jar
+jetty-security/9.4.56.v20240826//jetty-security-9.4.56.v20240826.jar
+jetty-server/9.4.56.v20240826//jetty-server-9.4.56.v20240826.jar
+jetty-servlet/9.4.56.v20240826//jetty-servlet-9.4.56.v20240826.jar
+jetty-util-ajax/9.4.56.v20240826//jetty-util-ajax-9.4.56.v20240826.jar
+jetty-util/9.4.56.v20240826//jetty-util-9.4.56.v20240826.jar
jline/2.14.6//jline-2.14.6.jar
jul-to-slf4j/1.7.36//jul-to-slf4j-1.7.36.jar
kafka-clients/3.5.2//kafka-clients-3.5.2.jar
diff --git a/pom.xml b/pom.xml
index e127263503..f734c27ccc 100644
--- a/pom.xml
+++ b/pom.xml
@@ -168,7 +168,7 @@
<jakarta.activation.version>1.2.2</jakarta.activation.version>
<jersey.version>2.40</jersey.version>
<jetcd.version>0.7.7</jetcd.version>
- <jetty.version>9.4.54.v20240208</jetty.version>
+ <jetty.version>9.4.56.v20240826</jetty.version>
<jline.version>2.14.6</jline.version>
<junit.version>4.13.2</junit.version>
<kafka.version>3.5.2</kafka.version>
