Hi, Am 11.04.2021 um 07:48 schrieb Jean-Baptiste Onofre: > I will move forward quickly on Karaf 4.3.2 due to the following issue > detected: > > - Upgrade xbean to 4.19 for better support on war artifacts > - Upgrade Pax Web for new Jetty version and xbean Does that include an update to Jetty as well? I think there was a recent micro release addressing several vulnerabilities (fixes are released for 9.4.39, 10.0.2 and 11.0.2)
https://github.com/eclipse/jetty.project/releases: - CVE-2021-28165 - CVE-2021-28164 - CVE-2021-28163 > - Fix/improvement on the JSON configuration > - Upgrade pax logging and other dependency projects to use > maven-bundle-plugin 5.1.2, fixing the headers > > I hope to submit 4.3.2 to vote mid week. > > I will keep you posted. Thanks! Greetings .sascha
