diff --git a/jetty-alpn.changes b/jetty-alpn.changes index e223a0a..9c7f04d 100644 --- a/jetty-alpn.changes +++ b/jetty-alpn.changes @@ -1,3 +1,17 @@ +------------------------------------------------------------------- +Tue Oct 15 21:27:27 UTC 2024 - Fridrich Strba + +- Upgrade to version 9.4.56.v20240826 + * Security fixes: + + CVE-2024-8184, bsc#1231651, ThreadLimitHandler.getRemote() + vulnerable to remote DoS attacks + * Changes: + + #12201 backport ThreadLimitHandler improvements from Jetty 12 + + #11938 - Updating URL refs from eclipse.org/jetty and + eclipse.dev/jetty to jetty.org (including XML dtd references) + + #10805 - Jetty response with an invalid HTTP2 packet if the + client set the hpack table size as 0 + ------------------------------------------------------------------- Fri Oct 11 10:31:15 UTC 2024 - Fridrich Strba diff --git a/jetty-alpn.spec b/jetty-alpn.spec index 9d18fa0..66852b6 100644 --- a/jetty-alpn.spec +++ b/jetty-alpn.spec @@ -18,10 +18,10 @@ %global base_name jetty -%global addver .v20240208 +%global addver .v20240826 %define src_name %{base_name}.project-%{base_name}-%{version}%{addver} Name: %{base_name}-alpn -Version: 9.4.54 +Version: 9.4.56 Release: 0 Summary: The alpn modules for Jetty License: Apache-2.0 OR EPL-1.0 diff --git a/jetty-http2.changes b/jetty-http2.changes index ec4b71e..fe30ad9 100644 --- a/jetty-http2.changes +++ b/jetty-http2.changes @@ -1,3 +1,17 @@ +------------------------------------------------------------------- +Tue Oct 15 21:27:27 UTC 2024 - Fridrich Strba + +- Upgrade to version 9.4.56.v20240826 + * Security fixes: + + CVE-2024-8184, bsc#1231651, ThreadLimitHandler.getRemote() + vulnerable to remote DoS attacks + * Changes: + + #12201 backport ThreadLimitHandler improvements from Jetty 12 + + #11938 - Updating URL refs from eclipse.org/jetty and + eclipse.dev/jetty to jetty.org (including XML dtd references) + + #10805 - Jetty response with an invalid HTTP2 packet if the + client set the hpack table size as 0 + ------------------------------------------------------------------- Fri Oct 11 17:30:25 UTC 2024 - Fridrich Strba diff --git a/jetty-http2.spec b/jetty-http2.spec index 9f8b620..99f15ec 100644 --- a/jetty-http2.spec +++ b/jetty-http2.spec @@ -18,10 +18,10 @@ %global base_name jetty -%global addver .v20240208 +%global addver .v20240826 %define src_name %{base_name}.project-%{base_name}-%{version}%{addver} Name: %{base_name}-http2 -Version: 9.4.54 +Version: 9.4.56 Release: 0 Summary: The http2 modules for Jetty License: Apache-2.0 OR EPL-1.0 diff --git a/jetty-minimal.changes b/jetty-minimal.changes index 58fce8c..9be6c4b 100644 --- a/jetty-minimal.changes +++ b/jetty-minimal.changes @@ -1,3 +1,17 @@ +------------------------------------------------------------------- +Tue Oct 15 21:27:27 UTC 2024 - Fridrich Strba + +- Upgrade to version 9.4.56.v20240826 + * Security fixes: + + CVE-2024-8184, bsc#1231651, ThreadLimitHandler.getRemote() + vulnerable to remote DoS attacks + * Changes: + + #12201 backport ThreadLimitHandler improvements from Jetty 12 + + #11938 - Updating URL refs from eclipse.org/jetty and + eclipse.dev/jetty to jetty.org (including XML dtd references) + + #10805 - Jetty response with an invalid HTTP2 packet if the + client set the hpack table size as 0 + ------------------------------------------------------------------- Tue Feb 27 12:27:27 UTC 2024 - Fridrich Strba diff --git a/jetty-minimal.spec b/jetty-minimal.spec index 66ed6d3..a0ddbe6 100644 --- a/jetty-minimal.spec +++ b/jetty-minimal.spec @@ -18,10 +18,10 @@ %global base_name jetty -%global addver .v20240208 +%global addver .v20240826 %define src_name %{base_name}.project-%{base_name}-%{version}%{addver} Name: %{base_name}-minimal -Version: 9.4.54 +Version: 9.4.56 Release: 0 Summary: Java Webserver and Servlet Container License: Apache-2.0 OR EPL-1.0 diff --git a/jetty-unixsocket.changes b/jetty-unixsocket.changes index 9ac2594..58f0772 100644 --- a/jetty-unixsocket.changes +++ b/jetty-unixsocket.changes @@ -1,3 +1,17 @@ +------------------------------------------------------------------- +Tue Oct 15 21:27:27 UTC 2024 - Fridrich Strba + +- Upgrade to version 9.4.56.v20240826 + * Security fixes: + + CVE-2024-8184, bsc#1231651, ThreadLimitHandler.getRemote() + vulnerable to remote DoS attacks + * Changes: + + #12201 backport ThreadLimitHandler improvements from Jetty 12 + + #11938 - Updating URL refs from eclipse.org/jetty and + eclipse.dev/jetty to jetty.org (including XML dtd references) + + #10805 - Jetty response with an invalid HTTP2 packet if the + client set the hpack table size as 0 + ------------------------------------------------------------------- Tue Feb 27 12:27:27 UTC 2024 - Fridrich Strba diff --git a/jetty-unixsocket.spec b/jetty-unixsocket.spec index bb13b58..da2a551 100644 --- a/jetty-unixsocket.spec +++ b/jetty-unixsocket.spec @@ -18,10 +18,10 @@ %global base_name jetty -%global addver .v20240208 +%global addver .v20240826 %define src_name %{base_name}.project-%{base_name}-%{version}%{addver} Name: %{base_name}-unixsocket -Version: 9.4.54 +Version: 9.4.56 Release: 0 Summary: The unixsocket modules for Jetty License: Apache-2.0 OR EPL-1.0 diff --git a/jetty-websocket.changes b/jetty-websocket.changes index 8f6ab79..4a8ea3f 100644 --- a/jetty-websocket.changes +++ b/jetty-websocket.changes @@ -1,3 +1,17 @@ +------------------------------------------------------------------- +Tue Oct 15 21:27:27 UTC 2024 - Fridrich Strba + +- Upgrade to version 9.4.56.v20240826 + * Security fixes: + + CVE-2024-8184, bsc#1231651, ThreadLimitHandler.getRemote() + vulnerable to remote DoS attacks + * Changes: + + #12201 backport ThreadLimitHandler improvements from Jetty 12 + + #11938 - Updating URL refs from eclipse.org/jetty and + eclipse.dev/jetty to jetty.org (including XML dtd references) + + #10805 - Jetty response with an invalid HTTP2 packet if the + client set the hpack table size as 0 + ------------------------------------------------------------------- Tue Feb 27 12:27:27 UTC 2024 - Fridrich Strba diff --git a/jetty-websocket.spec b/jetty-websocket.spec index f0e795e..5455166 100644 --- a/jetty-websocket.spec +++ b/jetty-websocket.spec @@ -18,10 +18,10 @@ %global base_name jetty -%global addver .v20240208 +%global addver .v20240826 %define src_name %{base_name}.project-%{base_name}-%{version}%{addver} Name: %{base_name}-websocket -Version: 9.4.54 +Version: 9.4.56 Release: 0 Summary: The websocket modules for Jetty License: Apache-2.0 OR EPL-1.0 diff --git a/jetty.project-jetty-9.4.54.v20240208.tar.gz b/jetty.project-jetty-9.4.54.v20240208.tar.gz deleted file mode 100644 index 474db7a..0000000 --- a/jetty.project-jetty-9.4.54.v20240208.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:51201322d72c5ef29c0ae83ef130a3b58460a41935e38c7830c26deece87473f -size 19349613 diff --git a/jetty.project-jetty-9.4.56.v20240826.tar.gz b/jetty.project-jetty-9.4.56.v20240826.tar.gz new file mode 100644 index 0000000..b98f3e0 --- /dev/null +++ b/jetty.project-jetty-9.4.56.v20240826.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:02955a9152023af2238ed5a5aa331b6b6ef2e2934f9d4871b318763254315968 +size 19348893