issue-12628: upgrade jetty to 9.4.41.v20210516 due to CVE #12629

pjfanning · 2022-06-10T10:58:14Z

Fixes #12628 .

This PR has:

been self-reviewed.
- using the concurrency checklist (Remove this item if the PR doesn't have any relation to concurrency.)
added documentation for new or modified features or behaviors.
added Javadocs for most classes and all non-trivial methods. Linked related entities via Javadoc links.
added or updated version, license, or notice information in licenses.yaml
added comments explaining the "why" and the intent of the code wherever would not be obvious for an unfamiliar reader.
added unit tests or modified existing tests to cover new code paths, ensuring the threshold for code coverage is met.
added integration tests.
been tested in a test Druid cluster.

pjfanning changed the title ~~upgrade jetty to 9.4.41.v20210516 due to CVE~~ issue-12628: upgrade jetty to 9.4.41.v20210516 due to CVE Jun 10, 2022

capistrant added the Security label Jun 10, 2022

pjfanning force-pushed the patch-1 branch from 748f939 to cba9dd5 Compare June 23, 2022 15:02

upgrade jetty to 9.4.41.v20210516 due to cve

78425f1

pjfanning force-pushed the patch-1 branch from cba9dd5 to 78425f1 Compare June 23, 2022 15:06

Update licenses.yaml

d9947c3

FrankChen021 approved these changes Jun 27, 2022

View reviewed changes

FrankChen021 merged commit 059aba7 into apache:master Jul 6, 2022

pjfanning deleted the patch-1 branch July 7, 2022 09:22

abhishekagarwal87 added this to the 24.0.0 milestone Aug 26, 2022

techdocsmith mentioned this pull request Aug 26, 2022

[Draft] 24.0 Release notes #12825

Closed

abhishekagarwal87 mentioned this pull request Sep 8, 2022

Test issue [Please ignore] #13055

Closed

Provide feedback