Skip to content

Commit

Permalink
ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v202011…
Browse files Browse the repository at this point in the history
…02 - CVE-2020-27218

Bump jetty.version to 9.4.35.v20201120.

The [release notes](https://github.com/eclipse/jetty.project/releases/tag/jetty-9.4.35.v20201120)
mention [issue 5605](jetty/jetty.project#5605):

> java.io.IOException: unconsumed input during http request parsing

which seems to match the description of
[CVE-2020-27218](http://cve.circl.lu/cve/CVE-2020-27218)

Author: Damien Diederen <[email protected]>

Reviewers: Enrico Olivelli <[email protected]>, Norbert Kalmar <[email protected]>, Andor Molnar <[email protected]>, Patrick D. Hunt <[email protected]>

Closes apache#1552 from ztzg/jetty-upgrade-CVE-2020-27218
  • Loading branch information
ztzg authored and RokLenarcic committed Sep 3, 2022
1 parent 6b77003 commit 3f5fa58
Show file tree
Hide file tree
Showing 12 changed files with 1,669 additions and 1,262 deletions.
2 changes: 1 addition & 1 deletion pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -438,7 +438,7 @@
<hamcrest.version>2.2</hamcrest.version>
<commons-cli.version>1.4</commons-cli.version>
<netty.version>4.1.50.Final</netty.version>
<jetty.version>9.4.34.v20201102</jetty.version>
<jetty.version>9.4.35.v20201120</jetty.version>
<jackson.version>2.10.5</jackson.version>
<jline.version>2.14.6</jline.version>
<snappy.version>1.1.7.7</snappy.version>
Expand Down
Original file line number Diff line number Diff line change
@@ -1,8 +1,7 @@
This program and the accompanying materials are made available under the
terms of the Eclipse Public License 1.0 which is available at
https://www.eclipse.org/org/documents/epl-1.0/EPL-1.0.txt
or the Apache Software License 2.0 which is available at
https://www.apache.org/licenses/LICENSE-2.0
terms of the Eclipse Public License 2.0 which is available at
http://www.eclipse.org/legal/epl-2.0, or the Apache Software License
2.0 which is available at https://www.apache.org/licenses/LICENSE-2.0.



Expand Down
Original file line number Diff line number Diff line change
@@ -1,8 +1,7 @@
This program and the accompanying materials are made available under the
terms of the Eclipse Public License 1.0 which is available at
https://www.eclipse.org/org/documents/epl-1.0/EPL-1.0.txt
or the Apache Software License 2.0 which is available at
https://www.apache.org/licenses/LICENSE-2.0
terms of the Eclipse Public License 2.0 which is available at
http://www.eclipse.org/legal/epl-2.0, or the Apache Software License
2.0 which is available at https://www.apache.org/licenses/LICENSE-2.0.



Expand Down
Original file line number Diff line number Diff line change
@@ -1,8 +1,7 @@
This program and the accompanying materials are made available under the
terms of the Eclipse Public License 1.0 which is available at
https://www.eclipse.org/org/documents/epl-1.0/EPL-1.0.txt
or the Apache Software License 2.0 which is available at
https://www.apache.org/licenses/LICENSE-2.0
terms of the Eclipse Public License 2.0 which is available at
http://www.eclipse.org/legal/epl-2.0, or the Apache Software License
2.0 which is available at https://www.apache.org/licenses/LICENSE-2.0.



Expand Down
Original file line number Diff line number Diff line change
@@ -1,8 +1,7 @@
This program and the accompanying materials are made available under the
terms of the Eclipse Public License 1.0 which is available at
https://www.eclipse.org/org/documents/epl-1.0/EPL-1.0.txt
or the Apache Software License 2.0 which is available at
https://www.apache.org/licenses/LICENSE-2.0
terms of the Eclipse Public License 2.0 which is available at
http://www.eclipse.org/legal/epl-2.0, or the Apache Software License
2.0 which is available at https://www.apache.org/licenses/LICENSE-2.0.



Expand Down

This file was deleted.

Large diffs are not rendered by default.

This file was deleted.

Large diffs are not rendered by default.

This file was deleted.

Large diffs are not rendered by default.

Large diffs are not rendered by default.

0 comments on commit 3f5fa58

Please sign in to comment.