[zookeeper] branch branch-3.7 updated: ZOOKEEPER-4754: Update Jetty to avoid CVE-2023-36479, CVE-2023-40167, and CVE-2023-41900

ddiederen Tue, 03 Oct 2023 09:04:13 -0700

This is an automated email from the ASF dual-hosted git repository.

ddiederen pushed a commit to branch branch-3.7
in repository https://gitbox.apache.org/repos/asf/zookeeper.git



The following commit(s) were added to refs/heads/branch-3.7 by this push:
     new b8b5b8a4d ZOOKEEPER-4754: Update Jetty to avoid CVE-2023-36479, 
CVE-2023-40167, and CVE-2023-41900
b8b5b8a4d is described below

commit b8b5b8a4d6fe5eede44ea89c7a2cf46f9ca28514
Author: Damien Diederen <[email protected]>
AuthorDate: Tue Oct 3 15:57:58 2023 +0000

    ZOOKEEPER-4754: Update Jetty to avoid CVE-2023-36479, CVE-2023-40167, and 
CVE-2023-41900
    
    The release notes of the newly referenced release:
    
    https://github.com/eclipse/jetty.project/releases/tag/jetty-9.4.52.v20230823
    
    explicitly mention the three CVEs.
    
    Author: Damien Diederen <[email protected]>
    
    Reviewers: tison <[email protected]>, Andor Molnar <[email protected]>
    
    Closes #2074 from ztzg/ZOOKEEPER-4754-jetty-cves
    
    (cherry picked from commit a0aced950c24776403b942e95bf972f14c511348)
    Signed-off-by: Damien Diederen <[email protected]>
---
 pom.xml                                                                 | 2 +-
 ....v20220914.LICENSE.txt => jetty-client-9.4.52.v20230823.LICENSE.txt} | 0
 ...49.v20220914.LICENSE.txt => jetty-http-9.4.52.v20230823.LICENSE.txt} | 0
 ...4.49.v20220914.LICENSE.txt => jetty-io-9.4.52.v20230823.LICENSE.txt} | 0
 ...20220914.LICENSE.txt => jetty-security-9.4.52.v20230823.LICENSE.txt} | 0
 ....v20220914.LICENSE.txt => jetty-server-9.4.52.v20230823.LICENSE.txt} | 0
 ...v20220914.LICENSE.txt => jetty-servlet-9.4.52.v20230823.LICENSE.txt} | 0
 ...49.v20220914.LICENSE.txt => jetty-util-9.4.52.v20230823.LICENSE.txt} | 0
 ...0220914.LICENSE.txt => jetty-util-ajax-9.4.52.v20230823.LICENSE.txt} | 0
 9 files changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index d91982267..500c470f5 100644
--- a/pom.xml
+++ b/pom.xml
@@ -438,7 +438,7 @@
     <hamcrest.version>2.2</hamcrest.version>
     <commons-cli.version>1.5.0</commons-cli.version>
     <netty.version>4.1.94.Final</netty.version>
-    <jetty.version>9.4.49.v20220914</jetty.version>
+    <jetty.version>9.4.52.v20230823</jetty.version>
     <jackson.version>2.15.2</jackson.version>
     <jline.version>2.14.6</jline.version>
     <snappy.version>1.1.10.5</snappy.version>
diff --git 
a/zookeeper-server/src/main/resources/lib/jetty-http-9.4.49.v20220914.LICENSE.txt
 
b/zookeeper-server/src/main/resources/lib/jetty-client-9.4.52.v20230823.LICENSE.txt
similarity index 100%
copy from 
zookeeper-server/src/main/resources/lib/jetty-http-9.4.49.v20220914.LICENSE.txt
copy to 
zookeeper-server/src/main/resources/lib/jetty-client-9.4.52.v20230823.LICENSE.txt
diff --git 
a/zookeeper-server/src/main/resources/lib/jetty-io-9.4.49.v20220914.LICENSE.txt 
b/zookeeper-server/src/main/resources/lib/jetty-http-9.4.52.v20230823.LICENSE.txt
similarity index 100%
rename from 
zookeeper-server/src/main/resources/lib/jetty-io-9.4.49.v20220914.LICENSE.txt
rename to 
zookeeper-server/src/main/resources/lib/jetty-http-9.4.52.v20230823.LICENSE.txt
diff --git 
a/zookeeper-server/src/main/resources/lib/jetty-security-9.4.49.v20220914.LICENSE.txt
 b/zookeeper-server/src/main/resources/lib/jetty-io-9.4.52.v20230823.LICENSE.txt
similarity index 100%
rename from 
zookeeper-server/src/main/resources/lib/jetty-security-9.4.49.v20220914.LICENSE.txt
rename to 
zookeeper-server/src/main/resources/lib/jetty-io-9.4.52.v20230823.LICENSE.txt
diff --git 
a/zookeeper-server/src/main/resources/lib/jetty-server-9.4.49.v20220914.LICENSE.txt
 
b/zookeeper-server/src/main/resources/lib/jetty-security-9.4.52.v20230823.LICENSE.txt
similarity index 100%
rename from 
zookeeper-server/src/main/resources/lib/jetty-server-9.4.49.v20220914.LICENSE.txt
rename to 
zookeeper-server/src/main/resources/lib/jetty-security-9.4.52.v20230823.LICENSE.txt
diff --git 
a/zookeeper-server/src/main/resources/lib/jetty-servlet-9.4.49.v20220914.LICENSE.txt
 
b/zookeeper-server/src/main/resources/lib/jetty-server-9.4.52.v20230823.LICENSE.txt
similarity index 100%
rename from 
zookeeper-server/src/main/resources/lib/jetty-servlet-9.4.49.v20220914.LICENSE.txt
rename to 
zookeeper-server/src/main/resources/lib/jetty-server-9.4.52.v20230823.LICENSE.txt
diff --git 
a/zookeeper-server/src/main/resources/lib/jetty-util-9.4.49.v20220914.LICENSE.txt
 
b/zookeeper-server/src/main/resources/lib/jetty-servlet-9.4.52.v20230823.LICENSE.txt
similarity index 100%
rename from 
zookeeper-server/src/main/resources/lib/jetty-util-9.4.49.v20220914.LICENSE.txt
rename to 
zookeeper-server/src/main/resources/lib/jetty-servlet-9.4.52.v20230823.LICENSE.txt
diff --git 
a/zookeeper-server/src/main/resources/lib/jetty-util-ajax-9.4.49.v20220914.LICENSE.txt
 
b/zookeeper-server/src/main/resources/lib/jetty-util-9.4.52.v20230823.LICENSE.txt
similarity index 100%
rename from 
zookeeper-server/src/main/resources/lib/jetty-util-ajax-9.4.49.v20220914.LICENSE.txt
rename to 
zookeeper-server/src/main/resources/lib/jetty-util-9.4.52.v20230823.LICENSE.txt
diff --git 
a/zookeeper-server/src/main/resources/lib/jetty-http-9.4.49.v20220914.LICENSE.txt
 
b/zookeeper-server/src/main/resources/lib/jetty-util-ajax-9.4.52.v20230823.LICENSE.txt
similarity index 100%
rename from 
zookeeper-server/src/main/resources/lib/jetty-http-9.4.49.v20220914.LICENSE.txt
rename to 
zookeeper-server/src/main/resources/lib/jetty-util-ajax-9.4.52.v20230823.LICENSE.txt

[zookeeper] branch branch-3.7 updated: ZOOKEEPER-4754: Update Jetty to avoid CVE-2023-36479, CVE-2023-40167, and CVE-2023-41900

Reply via email to