Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

update jetty to address CVE-2024-22201 #16000

Merged
merged 1 commit into from Feb 29, 2024
Merged

update jetty to address CVE-2024-22201 #16000

merged 1 commit into from Feb 29, 2024

Conversation

janjwerner-confluent
Copy link
Contributor

@janjwerner-confluent janjwerner-confluent commented Feb 28, 2024
edited

Description

  • Update Jetty from version 9.4.53.v20231009 to version 9.4.54.v20240208 to address CVE-2024-22201

This PR has:

  • been self-reviewed.
  • added documentation for new or modified features or behaviors.
  • a release note entry in the PR description.
  • added Javadocs for most classes and all non-trivial methods. Linked related entities via Javadoc links.
  • added or updated version, license, or notice information in licenses.yaml
  • added comments explaining the "why" and the intent of the code wherever would not be obvious for an unfamiliar reader.
  • added unit tests or modified existing tests to cover new code paths, ensuring the threshold for code coverage is met.
  • added integration tests.
  • been tested in a test Druid cluster.

@FrankChen021 FrankChen021 merged commit d6f59d1 into apache:master Feb 29, 2024
84 checks passed
317brian pushed a commit to 317brian/druid that referenced this pull request Feb 29, 2024
@janjwerner-confluent @317brian
update jetty to address CVE (apache#16000)
eeb1e45
asdf2014 added a commit that referenced this pull request Mar 4, 2024
@317brian @vogievetsky
@janjwerner-confluent @AmatyaAvadhanula @fectrain @kfaraz @asdf2014
docs: mention acid-compliance for meta store (#16014)
b3015bd 
* docs: add mermaid diagram support

* fix crash when parsing data in data loader that can not be parsed (#15983)

* update jetty to address CVE (#16000)

* Concurrent replace should work with supervisors using concurrent locks (#15995)

* Concurrent replace should work with supervisors using concurrent locks

* Ignore supervisors with useConcurrentLocks set to false

* Apply feedback

* Add pre-check for heavy debug logs (#15706)

Co-authored-by: Kashif Faraz <kashif.faraz@gmail.com>
Co-authored-by: Benedict Jin <asdf2014@apache.org>

* Remove helm paths from CodeQL config (#16006)

* docs: mention acid-compliance for metadb

---------

Co-authored-by: Vadim Ogievetsky <vadim@ogievetsky.com>
Co-authored-by: Jan Werner <105367074+janjwerner-confluent@users.noreply.github.com>
Co-authored-by: AmatyaAvadhanula <amatya.avadhanula@imply.io>
Co-authored-by: Sensor <fectrain@outlook.com>
Co-authored-by: Kashif Faraz <kashif.faraz@gmail.com>
Co-authored-by: Benedict Jin <asdf2014@apache.org>
@adarshsanjeev adarshsanjeev added this to the 30.0.0 milestone May 6, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@FrankChen021 FrankChen021 FrankChen021 approved these changes

Assignees
No one assigned
Labels
Area - Dependencies
Projects
None yet
Milestone
30.0.0
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@janjwerner-confluent @FrankChen021 @adarshsanjeev