[
https://issues.apache.org/jira/browse/HADOOP-19912?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-19912:
--------------------------------
Description:
See HADOOP-19910 - there is a CVE in Jetty but releases of 9.4 are rare and are
'sponsored' - Jetty 9.4 is not actively maintained. There are some commercial
forks.
Jetty 12 needs Java 17+.
Will also force Jersey to upgraded to 3 or 4.
And to replace many javax classes/jars with their jakarta equivalents.
was:
See HADOOP-19910 - there is a CVE in Jetty but releases of 9.4 are rare and are
'sponsored' - Jetty 9.4 is not actively maintained. There are some commercial
forks.
Jetty 12 needs Java 17+.
> Upgrade to Jetty 11 or 12
> -------------------------
>
> Key: HADOOP-19912
> URL: https://issues.apache.org/jira/browse/HADOOP-19912
> Project: Hadoop Common
> Issue Type: Task
> Reporter: PJ Fanning
> Priority: Major
>
> See HADOOP-19910 - there is a CVE in Jetty but releases of 9.4 are rare and
> are 'sponsored' - Jetty 9.4 is not actively maintained. There are some
> commercial forks.
> Jetty 12 needs Java 17+.
> Will also force Jersey to upgraded to 3 or 4.
> And to replace many javax classes/jars with their jakarta equivalents.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
