Skip to content

Upgrade jetty to 9.4.39.v20210325#11076

Merged
suneet-s merged 1 commit intoapache:masterfrom
jon-wei:jetty_cve_apr06
Apr 7, 2021
Merged

Upgrade jetty to 9.4.39.v20210325#11076
suneet-s merged 1 commit intoapache:masterfrom
jon-wei:jetty_cve_apr06

Conversation

@jon-wei
Copy link
Copy Markdown
Contributor

@jon-wei jon-wei commented Apr 7, 2021

This PR updates jetty dependencies to version 9.4.39.v20210325, to address the following CVE: https://nvd.nist.gov/vuln/detail/CVE-2021-28165

This PR has:

  • been self-reviewed.
  • added documentation for new or modified features or behaviors.
  • added Javadocs for most classes and all non-trivial methods. Linked related entities via Javadoc links.
  • added or updated version, license, or notice information in licenses.yaml
  • added comments explaining the "why" and the intent of the code wherever would not be obvious for an unfamiliar reader.
  • added unit tests or modified existing tests to cover new code paths, ensuring the threshold for code coverage is met.
  • added integration tests.
  • been tested in a test Druid cluster.

@suneet-s suneet-s merged commit d28d4e8 into apache:master Apr 7, 2021
jihoonson pushed a commit to jihoonson/druid that referenced this pull request Apr 14, 2021
@jon-wei @jihoonson
Upgrade jetty to 9.4.39.v20210325 (apache#11076)
daa3284
@jihoonson jihoonson mentioned this pull request Apr 14, 2021
Merged
@jihoonson jihoonson added this to the 0.21.0 milestone Apr 14, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jihoonson jihoonson jihoonson approved these changes

@suneet-s suneet-s suneet-s approved these changes

Assignees

No one assigned

Labels

Area - Dependencies Security

Projects

None yet

Milestone

0.21.0

Development

Successfully merging this pull request may close these issues.

3 participants

@jon-wei @jihoonson @suneet-s