mingyen066 opened a new pull request, #21452: URL: https://github.com/apache/kafka/pull/21452
Upgrade Jetty from 12.0.22 to 12.0.32 to address [CVE-2025-5115](https://github.com/jetty/jetty.project/security/advisories/GHSA-mmxm-8w33-wc4h) (MadeYouReset HTTP/2 DoS, CVSS 7.7 HIGH). Although Kafka Connect and Trogdor only use HTTP/1.1 and are not directly affected, upgrading to eliminate the vulnerable dependency. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
