[
https://issues.apache.org/jira/browse/SENTRY-1121?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15208240#comment-15208240
]
Colm O hEigeartaigh commented on SENTRY-1121:
---------------------------------------------
No, it only works with the Apache repositories on github. There is no need to
verify the fix before we push, as the security advisory states that the fix is
in the Jetty version that this patch updates to. To doublecheck, I will rescan
after the fix is applied.
Colm.
> Update Jetty version
> --------------------
>
> Key: SENTRY-1121
> URL: https://issues.apache.org/jira/browse/SENTRY-1121
> Project: Sentry
> Issue Type: Improvement
> Reporter: Colm O hEigeartaigh
> Assignee: Colm O hEigeartaigh
> Fix For: 1.7.0
>
> Attachments: SENTRY-1121.patch
>
>
> The current Jetty version is 7.6.x. However there is a security vulnerability
> issued recently that is only fixed in the latest 8.1.x patch release:
> https://srcclr.com/security/denial-service-dos-cpu-consumption/java/s-1615
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
