Home Explore Help
Register Sign In
apache
/
zookeeper
mirror of https://gitee.com/apache/zookeeper.git
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

ZOOKEEPER-4900: Bump patch release of jetty to include CVE fix for CVE-2024-6763

Reviewers: cnauroth, kezhuw, tisonkun
Author: pfcoperez
Closes #2220 from pfcoperez/ZOOKEEPER-4876/CVE-2024-6763
Pablo Francisco Pérez Hidalgo 3 weeks ago
parent
b86ccf19cf
commit
97a29de5c7
10 changed files with 1 additions and 6 deletions
Split View Show Diff Stats
  1. 0 5
      owaspSuppressions.xml
  2. 1 1
      pom.xml
  3. 0 0
      zookeeper-server/src/main/resources/lib/jetty-client-9.4.57.v20241219.LICENSE.txt
  4. 0 0
      zookeeper-server/src/main/resources/lib/jetty-http-9.4.57.v20241219.LICENSE.txt
  5. 0 0
      zookeeper-server/src/main/resources/lib/jetty-io-9.4.57.v20241219.LICENSE.txt
  6. 0 0
      zookeeper-server/src/main/resources/lib/jetty-security-9.4.57.v20241219.LICENSE.txt
  7. 0 0
      zookeeper-server/src/main/resources/lib/jetty-server-9.4.57.v20241219.LICENSE.txt
  8. 0 0
      zookeeper-server/src/main/resources/lib/jetty-servlet-9.4.57.v20241219.LICENSE.txt
  9. 0 0
      zookeeper-server/src/main/resources/lib/jetty-util-9.4.57.v20241219.LICENSE.txt
  10. 0 0
      zookeeper-server/src/main/resources/lib/jetty-util-ajax-9.4.57.v20241219.LICENSE.txt

+ 0 - 5
owaspSuppressions.xml
View File 

@@ -18,11 +18,6 @@
 
 -->
 
 
 <suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.2.xsd">
 
-   <suppress>
 
-      <!-- ZooKeeper is not affected, because HttpURI is not used in our code.
 
-           see: ZOOKEEPER-4876 -->
 
-      <cve>CVE-2024-6763</cve>
 
-   </suppress>
 
    <suppress>
 
       <!-- ZOOKEEPER-3217 -->
 
       <cve>CVE-2018-8088</cve>

+ 1 - 1
pom.xml
View File 

@@ -560,7 +560,7 @@
 
     <hamcrest.version>2.2</hamcrest.version>
 
     <commons-cli.version>1.5.0</commons-cli.version>
 
     <netty.version>4.1.119.Final</netty.version>
 
-    <jetty.version>9.4.56.v20240826</jetty.version>
 
+    <jetty.version>9.4.57.v20241219</jetty.version>
 
     <jackson.version>2.15.2</jackson.version>
 
     <jline.version>2.14.6</jline.version>
 
     <snappy.version>1.1.10.5</snappy.version>

+ 0 - 0
zookeeper-server/src/main/resources/lib/jetty-client-9.4.53.v20231009.LICENSE.txt → zookeeper-server/src/main/resources/lib/jetty-client-9.4.57.v20241219.LICENSE.txt
View File


+ 0 - 0
zookeeper-server/src/main/resources/lib/jetty-http-9.4.53.v20231009.LICENSE.txt → zookeeper-server/src/main/resources/lib/jetty-http-9.4.57.v20241219.LICENSE.txt
View File


+ 0 - 0
zookeeper-server/src/main/resources/lib/jetty-io-9.4.53.v20231009.LICENSE.txt → zookeeper-server/src/main/resources/lib/jetty-io-9.4.57.v20241219.LICENSE.txt
View File


+ 0 - 0
zookeeper-server/src/main/resources/lib/jetty-security-9.4.53.v20231009.LICENSE.txt → zookeeper-server/src/main/resources/lib/jetty-security-9.4.57.v20241219.LICENSE.txt
View File


+ 0 - 0
zookeeper-server/src/main/resources/lib/jetty-server-9.4.53.v20231009.LICENSE.txt → zookeeper-server/src/main/resources/lib/jetty-server-9.4.57.v20241219.LICENSE.txt
View File


+ 0 - 0
zookeeper-server/src/main/resources/lib/jetty-servlet-9.4.53.v20231009.LICENSE.txt → zookeeper-server/src/main/resources/lib/jetty-servlet-9.4.57.v20241219.LICENSE.txt
View File


+ 0 - 0
zookeeper-server/src/main/resources/lib/jetty-util-9.4.53.v20231009.LICENSE.txt → zookeeper-server/src/main/resources/lib/jetty-util-9.4.57.v20241219.LICENSE.txt
View File


+ 0 - 0
zookeeper-server/src/main/resources/lib/jetty-util-ajax-9.4.53.v20231009.LICENSE.txt → zookeeper-server/src/main/resources/lib/jetty-util-ajax-9.4.57.v20241219.LICENSE.txt
View File