[jira] [Commented] (GEODE-331) Update Jetty version in order to avoid security vulnerability

Jens Deppe (JIRA) Tue, 03 Nov 2015 12:40:56 -0800

    [ 
https://issues.apache.org/jira/browse/GEODE-331?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14988072#comment-14988072
 ]


Jens Deppe commented on GEODE-331:
----------------------------------

As we're now building with Java 8 we can switch to a version of Jetty beyond 
9.2.13 which is only supported on Java 8

> Update Jetty version in order to avoid security vulnerability
> -------------------------------------------------------------
>
>                 Key: GEODE-331
>                 URL: https://issues.apache.org/jira/browse/GEODE-331
>             Project: Geode
>          Issue Type: Bug
>          Components: core, extensions
>            Reporter: William Markito Oliveira
>            Assignee: Jens Deppe
>            Priority: Critical
>
> Update bundled Jetty version in order to avoid JetLeak vulnerability. 
> For more details: 
>    - CVE-2015-2080
>    - 
> http://blog.gdssecurity.com/labs/2015/2/25/jetleak-vulnerability-remote-leakage-of-shared-buffers-in-je.html



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (GEODE-331) Update Jetty version in order to avoid security vulnerability

Reply via email to