[zookeeper] branch master updated: ZOOKEEPER-4337: Bump jetty to 9.4.43.v20210629 (avoids CVE-2021-34429)

ddiederen Wed, 01 Sep 2021 09:52:49 -0700

This is an automated email from the ASF dual-hosted git repository.

ddiederen pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/zookeeper.git



The following commit(s) were added to refs/heads/master by this push:
     new 561231f  ZOOKEEPER-4337: Bump jetty to 9.4.43.v20210629 (avoids 
CVE-2021-34429)
561231f is described below

commit 561231f8bfe910e63dbd8c281cb25033a0e7d7a5
Author: Damien Diederen <[email protected]>
AuthorDate: Wed Sep 1 16:50:38 2021 +0000

    ZOOKEEPER-4337: Bump jetty to 9.4.43.v20210629 (avoids CVE-2021-34429)
    
    Version 9.4.43.v20210629 is the latest available in the 9.4 series at the 
time of this commit.  Its release notes explicitly declare "This release 
resolves CVE-2021-34429":
    
      
https://github.com/eclipse/jetty.project/releases/tag/jetty-9.4.43.v20210629
    
    Author: Damien Diederen <[email protected]>
    
    Reviewers: Norbert Kalmar <[email protected]>, Enrico Olivelli 
<[email protected]>
    
    Closes #1734 from ztzg/ZOOKEEPER-4337-owasp-failures
---
 pom.xml                                                                 | 2 +-
 ...39.v20210325.LICENSE.txt => jetty-http-9.4.43.v20210629.LICENSE.txt} | 0
 ...4.39.v20210325.LICENSE.txt => jetty-io-9.4.43.v20210629.LICENSE.txt} | 0
 ...20210325.LICENSE.txt => jetty-security-9.4.43.v20210629.LICENSE.txt} | 0
 ....v20210325.LICENSE.txt => jetty-server-9.4.43.v20210629.LICENSE.txt} | 0
 ...v20210325.LICENSE.txt => jetty-servlet-9.4.43.v20210629.LICENSE.txt} | 0
 ...39.v20210325.LICENSE.txt => jetty-util-9.4.43.v20210629.LICENSE.txt} | 0
 ...0210325.LICENSE.txt => jetty-util-ajax-9.4.43.v20210629.LICENSE.txt} | 0
 8 files changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 2e35d00..a7861df 100755
--- a/pom.xml
+++ b/pom.xml
@@ -468,7 +468,7 @@
     <hamcrest.version>2.2</hamcrest.version>
     <commons-cli.version>1.4</commons-cli.version>
     <netty.version>4.1.63.Final</netty.version>
-    <jetty.version>9.4.39.v20210325</jetty.version>
+    <jetty.version>9.4.43.v20210629</jetty.version>
     <jackson.version>2.10.5.1</jackson.version>
     <jline.version>2.14.6</jline.version>
     <snappy.version>1.1.7.7</snappy.version>
diff --git 
a/zookeeper-server/src/main/resources/lib/jetty-util-ajax-9.4.39.v20210325.LICENSE.txt
 
b/zookeeper-server/src/main/resources/lib/jetty-http-9.4.43.v20210629.LICENSE.txt
similarity index 100%
rename from 
zookeeper-server/src/main/resources/lib/jetty-util-ajax-9.4.39.v20210325.LICENSE.txt
rename to 
zookeeper-server/src/main/resources/lib/jetty-http-9.4.43.v20210629.LICENSE.txt
diff --git 
a/zookeeper-server/src/main/resources/lib/jetty-util-9.4.39.v20210325.LICENSE.txt
 b/zookeeper-server/src/main/resources/lib/jetty-io-9.4.43.v20210629.LICENSE.txt
similarity index 100%
rename from 
zookeeper-server/src/main/resources/lib/jetty-util-9.4.39.v20210325.LICENSE.txt
rename to 
zookeeper-server/src/main/resources/lib/jetty-io-9.4.43.v20210629.LICENSE.txt
diff --git 
a/zookeeper-server/src/main/resources/lib/jetty-servlet-9.4.39.v20210325.LICENSE.txt
 
b/zookeeper-server/src/main/resources/lib/jetty-security-9.4.43.v20210629.LICENSE.txt
similarity index 100%
rename from 
zookeeper-server/src/main/resources/lib/jetty-servlet-9.4.39.v20210325.LICENSE.txt
rename to 
zookeeper-server/src/main/resources/lib/jetty-security-9.4.43.v20210629.LICENSE.txt
diff --git 
a/zookeeper-server/src/main/resources/lib/jetty-server-9.4.39.v20210325.LICENSE.txt
 
b/zookeeper-server/src/main/resources/lib/jetty-server-9.4.43.v20210629.LICENSE.txt
similarity index 100%
rename from 
zookeeper-server/src/main/resources/lib/jetty-server-9.4.39.v20210325.LICENSE.txt
rename to 
zookeeper-server/src/main/resources/lib/jetty-server-9.4.43.v20210629.LICENSE.txt
diff --git 
a/zookeeper-server/src/main/resources/lib/jetty-security-9.4.39.v20210325.LICENSE.txt
 
b/zookeeper-server/src/main/resources/lib/jetty-servlet-9.4.43.v20210629.LICENSE.txt
similarity index 100%
rename from 
zookeeper-server/src/main/resources/lib/jetty-security-9.4.39.v20210325.LICENSE.txt
rename to 
zookeeper-server/src/main/resources/lib/jetty-servlet-9.4.43.v20210629.LICENSE.txt
diff --git 
a/zookeeper-server/src/main/resources/lib/jetty-io-9.4.39.v20210325.LICENSE.txt 
b/zookeeper-server/src/main/resources/lib/jetty-util-9.4.43.v20210629.LICENSE.txt
similarity index 100%
rename from 
zookeeper-server/src/main/resources/lib/jetty-io-9.4.39.v20210325.LICENSE.txt
rename to 
zookeeper-server/src/main/resources/lib/jetty-util-9.4.43.v20210629.LICENSE.txt
diff --git 
a/zookeeper-server/src/main/resources/lib/jetty-http-9.4.39.v20210325.LICENSE.txt
 
b/zookeeper-server/src/main/resources/lib/jetty-util-ajax-9.4.43.v20210629.LICENSE.txt
similarity index 100%
rename from 
zookeeper-server/src/main/resources/lib/jetty-http-9.4.39.v20210325.LICENSE.txt
rename to 
zookeeper-server/src/main/resources/lib/jetty-util-ajax-9.4.43.v20210629.LICENSE.txt

[zookeeper] branch master updated: ZOOKEEPER-4337: Bump jetty to 9.4.43.v20210629 (avoids CVE-2021-34429)

Reply via email to