pool/jetty-minimal
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

OBS-URL: https://build.opensuse.org/package/show/Java:packages/jetty-minimal?expand=0&rev=71

Browse Source
This commit is contained in:
Fridrich Strba 2023-10-12 16:00:35 +00:00 committed by Git OBS Bridge
parent 7ea2eed2de
commit 9f9e2f92e4
3 changed files with 78 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
jetty-minimal.changes
View File

@ -1,3 +1,29 @@
-------------------------------------------------------------------
Thu Oct 12 15:51:00 UTC 2023 - Fridrich Strba <fstrba@suse.com>
- Upgrade to version 9.4.53.v20231009
* Fixes of 9.4.53.v20231009
+ CVE-2023-44487, bsc#1216169
+ CVE-2023-36478, bsc#1216162
+ #10679 - backport HTTP/2 rate control from Jetty 10.0.x
+ #10573 - backport hpack improvements from Jetty 10.0.x
+ #10546 - backport jetty-http Huffman encoders/decoders from
Jetty 10.0.x
* Fixes of 9.4.52.v20230823
+ #10352 - Jetty accepts "+" prefixed value in Content-Length
(CVE-2023-40167, bsc#1215417)
+ #10337 - SizeLimitHandler does not enforce 0 responseLimit
+ #10169 - make sure that a ServiceLoader is retrieved before
iterating
+ #10066 - Allow SAXParserFactory or SAXParser to be configured
in Jetty's XmlParser class - Allows for GHSA-58qw-p7qm-5rvh
workaround
+ #9887 - Deprecate CGI Servlet (CVE-2023-36479, bsc#1215415)
+ #9716 - Deprecate PushSessionCacheFilter
+ #9660 - OpenId Revoked authentication allows one request
(CVE-2023-41900, bsc#1215416)
+ #9476 - onCompleteFailure called multiple times
------------------------------------------------------------------- -------------------------------------------------------------------
Sat Sep 9 14:24:29 UTC 2023 - Fridrich Strba <fstrba@suse.com> Sat Sep 9 14:24:29 UTC 2023 - Fridrich Strba <fstrba@suse.com>

26
jetty-unixsocket.changes
View File

@ -1,3 +1,29 @@
-------------------------------------------------------------------
Thu Oct 12 15:51:00 UTC 2023 - Fridrich Strba <fstrba@suse.com>
- Upgrade to version 9.4.53.v20231009
* Fixes of 9.4.53.v20231009
+ CVE-2023-44487, bsc#1216169
+ CVE-2023-36478, bsc#1216162
+ #10679 - backport HTTP/2 rate control from Jetty 10.0.x
+ #10573 - backport hpack improvements from Jetty 10.0.x
+ #10546 - backport jetty-http Huffman encoders/decoders from
Jetty 10.0.x
* Fixes of 9.4.52.v20230823
+ #10352 - Jetty accepts "+" prefixed value in Content-Length
(CVE-2023-40167, bsc#1215417)
+ #10337 - SizeLimitHandler does not enforce 0 responseLimit
+ #10169 - make sure that a ServiceLoader is retrieved before
iterating
+ #10066 - Allow SAXParserFactory or SAXParser to be configured
in Jetty's XmlParser class - Allows for GHSA-58qw-p7qm-5rvh
workaround
+ #9887 - Deprecate CGI Servlet (CVE-2023-36479, bsc#1215415)
+ #9716 - Deprecate PushSessionCacheFilter
+ #9660 - OpenId Revoked authentication allows one request
(CVE-2023-41900, bsc#1215416)
+ #9476 - onCompleteFailure called multiple times
------------------------------------------------------------------- -------------------------------------------------------------------
Sat Sep 9 14:24:30 UTC 2023 - Fridrich Strba <fstrba@suse.com> Sat Sep 9 14:24:30 UTC 2023 - Fridrich Strba <fstrba@suse.com>

26
jetty-websocket.changes
View File

@ -1,3 +1,29 @@
-------------------------------------------------------------------
Thu Oct 12 15:51:00 UTC 2023 - Fridrich Strba <fstrba@suse.com>
- Upgrade to version 9.4.53.v20231009
* Fixes of 9.4.53.v20231009
+ CVE-2023-44487, bsc#1216169
+ CVE-2023-36478, bsc#1216162
+ #10679 - backport HTTP/2 rate control from Jetty 10.0.x
+ #10573 - backport hpack improvements from Jetty 10.0.x
+ #10546 - backport jetty-http Huffman encoders/decoders from
Jetty 10.0.x
* Fixes of 9.4.52.v20230823
+ #10352 - Jetty accepts "+" prefixed value in Content-Length
(CVE-2023-40167, bsc#1215417)
+ #10337 - SizeLimitHandler does not enforce 0 responseLimit
+ #10169 - make sure that a ServiceLoader is retrieved before
iterating
+ #10066 - Allow SAXParserFactory or SAXParser to be configured
in Jetty's XmlParser class - Allows for GHSA-58qw-p7qm-5rvh
workaround
+ #9887 - Deprecate CGI Servlet (CVE-2023-36479, bsc#1215415)
+ #9716 - Deprecate PushSessionCacheFilter
+ #9660 - OpenId Revoked authentication allows one request
(CVE-2023-41900, bsc#1215416)
+ #9476 - onCompleteFailure called multiple times
------------------------------------------------------------------- -------------------------------------------------------------------
Sat Sep 9 14:24:30 UTC 2023 - Fridrich Strba <fstrba@suse.com> Sat Sep 9 14:24:30 UTC 2023 - Fridrich Strba <fstrba@suse.com>