Skip to content

12.1.8

Choose a tag to compare

@olamy olamy released this 02 Apr 01:31
jetty-12.1.8
c9cdc9a

Special Thanks to the following Eclipse Jetty community members

Changelog

  • 14757 Fixes for JASPI isMandatory, authType and isAuthenticationRequest params - Addresses CVE-2026-5795
  • #14752 - Jetty 12.1 Violation of RFC9113 with Host and :authority headers
  • #14747 - Revert usage of SLF4J2 fluent APIs
  • #14732 - possible race condition in jetty 12.x code
  • #14694 - Sync jetty-ee11 with jetty-ee10
  • #14689 - ThreadIdPool.take() bottlenecks QueuedThreadPool.tryExecute()
  • #14687 - Destinations don't keep track of redirections.
  • #14685 - CachingHttpContentFactory#getContent may return null if httpContent size is not set
  • #14651 - Retain negative Max-Age cookie attribute
  • #14494 - Review use of CharsetStringBuilder subclasses
  • #14431 - ServletContainerInitializers are always excluded when used with absolute-ordering
  • #14332 - Complete mess with idleTimeout
  • #13685 - Infinite loop on Content.copy() with Content.Source.from(... , Path, ) when Path has size 0.
  • #13513 - Make MemoryEndPoint use RBB.DynamicCapacity (@afarber)
  • #10906 - Add Slf4j ConsoleRequestLog (JettySlf4jRequestLog) module