Skip to content

Commit e099f3a

Browse files
lhotarilhotari
committed
[fix][sec] Upgrade Jetty to 9.4.57.v20241219 to mitigate CVE-2024-6763 (#24232)
(cherry picked from commit 611dc3f)
1 parent 55edd4e commit e099f3a

File tree

3 files changed

+28
-28
lines changed

3 files changed

+28
-28
lines changed

distribution/server/src/assemble/LICENSE.bin.txt

Lines changed: 19 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -392,25 +392,25 @@ The Apache Software License, Version 2.0
392392
- org.asynchttpclient-async-http-client-2.12.4.jar
393393
- org.asynchttpclient-async-http-client-netty-utils-2.12.4.jar
394394
* Jetty
395-
- org.eclipse.jetty-jetty-client-9.4.56.v20240826.jar
396-
- org.eclipse.jetty-jetty-continuation-9.4.56.v20240826.jar
397-
- org.eclipse.jetty-jetty-http-9.4.56.v20240826.jar
398-
- org.eclipse.jetty-jetty-io-9.4.56.v20240826.jar
399-
- org.eclipse.jetty-jetty-proxy-9.4.56.v20240826.jar
400-
- org.eclipse.jetty-jetty-security-9.4.56.v20240826.jar
401-
- org.eclipse.jetty-jetty-server-9.4.56.v20240826.jar
402-
- org.eclipse.jetty-jetty-servlet-9.4.56.v20240826.jar
403-
- org.eclipse.jetty-jetty-servlets-9.4.56.v20240826.jar
404-
- org.eclipse.jetty-jetty-util-9.4.56.v20240826.jar
405-
- org.eclipse.jetty-jetty-util-ajax-9.4.56.v20240826.jar
406-
- org.eclipse.jetty.websocket-javax-websocket-client-impl-9.4.56.v20240826.jar
407-
- org.eclipse.jetty.websocket-websocket-api-9.4.56.v20240826.jar
408-
- org.eclipse.jetty.websocket-websocket-client-9.4.56.v20240826.jar
409-
- org.eclipse.jetty.websocket-websocket-common-9.4.56.v20240826.jar
410-
- org.eclipse.jetty.websocket-websocket-server-9.4.56.v20240826.jar
411-
- org.eclipse.jetty.websocket-websocket-servlet-9.4.56.v20240826.jar
412-
- org.eclipse.jetty-jetty-alpn-conscrypt-server-9.4.56.v20240826.jar
413-
- org.eclipse.jetty-jetty-alpn-server-9.4.56.v20240826.jar
395+
- org.eclipse.jetty-jetty-client-9.4.57.v20241219.jar
396+
- org.eclipse.jetty-jetty-continuation-9.4.57.v20241219.jar
397+
- org.eclipse.jetty-jetty-http-9.4.57.v20241219.jar
398+
- org.eclipse.jetty-jetty-io-9.4.57.v20241219.jar
399+
- org.eclipse.jetty-jetty-proxy-9.4.57.v20241219.jar
400+
- org.eclipse.jetty-jetty-security-9.4.57.v20241219.jar
401+
- org.eclipse.jetty-jetty-server-9.4.57.v20241219.jar
402+
- org.eclipse.jetty-jetty-servlet-9.4.57.v20241219.jar
403+
- org.eclipse.jetty-jetty-servlets-9.4.57.v20241219.jar
404+
- org.eclipse.jetty-jetty-util-9.4.57.v20241219.jar
405+
- org.eclipse.jetty-jetty-util-ajax-9.4.57.v20241219.jar
406+
- org.eclipse.jetty.websocket-javax-websocket-client-impl-9.4.57.v20241219.jar
407+
- org.eclipse.jetty.websocket-websocket-api-9.4.57.v20241219.jar
408+
- org.eclipse.jetty.websocket-websocket-client-9.4.57.v20241219.jar
409+
- org.eclipse.jetty.websocket-websocket-common-9.4.57.v20241219.jar
410+
- org.eclipse.jetty.websocket-websocket-server-9.4.57.v20241219.jar
411+
- org.eclipse.jetty.websocket-websocket-servlet-9.4.57.v20241219.jar
412+
- org.eclipse.jetty-jetty-alpn-conscrypt-server-9.4.57.v20241219.jar
413+
- org.eclipse.jetty-jetty-alpn-server-9.4.57.v20241219.jar
414414
* SnakeYaml -- org.yaml-snakeyaml-2.0.jar
415415
* RocksDB - org.rocksdb-rocksdbjni-7.9.2.jar
416416
* Google Error Prone Annotations - com.google.errorprone-error_prone_annotations-2.24.0.jar

distribution/shell/src/assemble/LICENSE.bin.txt

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -402,14 +402,14 @@ The Apache Software License, Version 2.0
402402
- async-http-client-2.12.4.jar
403403
- async-http-client-netty-utils-2.12.4.jar
404404
* Jetty
405-
- jetty-client-9.4.56.v20240826.jar
406-
- jetty-http-9.4.56.v20240826.jar
407-
- jetty-io-9.4.56.v20240826.jar
408-
- jetty-util-9.4.56.v20240826.jar
409-
- javax-websocket-client-impl-9.4.56.v20240826.jar
410-
- websocket-api-9.4.56.v20240826.jar
411-
- websocket-client-9.4.56.v20240826.jar
412-
- websocket-common-9.4.56.v20240826.jar
405+
- jetty-client-9.4.57.v20241219.jar
406+
- jetty-http-9.4.57.v20241219.jar
407+
- jetty-io-9.4.57.v20241219.jar
408+
- jetty-util-9.4.57.v20241219.jar
409+
- javax-websocket-client-impl-9.4.57.v20241219.jar
410+
- websocket-api-9.4.57.v20241219.jar
411+
- websocket-client-9.4.57.v20241219.jar
412+
- websocket-common-9.4.57.v20241219.jar
413413
* SnakeYaml -- snakeyaml-2.0.jar
414414
* Google Error Prone Annotations - error_prone_annotations-2.24.0.jar
415415
* Javassist -- javassist-3.25.0-GA.jar

pom.xml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -146,7 +146,7 @@ flexible messaging model and an intuitive client API.</description>
146146
<curator.version>5.7.1</curator.version>
147147
<netty.version>4.1.121.Final</netty.version>
148148
<netty-iouring.version>0.0.26.Final</netty-iouring.version>
149-
<jetty.version>9.4.56.v20240826</jetty.version>
149+
<jetty.version>9.4.57.v20241219</jetty.version>
150150
<conscrypt.version>2.5.2</conscrypt.version>
151151
<jersey.version>2.42</jersey.version>
152152
<athenz.version>1.10.50</athenz.version>

0 commit comments

Comments
 (0)