Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

update jetty to address CVE-2024-22201 #16000

Merged
merged 1 commit into from
Feb 29, 2024

Conversation

janjwerner-confluent
Copy link
Contributor

@janjwerner-confluent janjwerner-confluent commented Feb 28, 2024

Description

  • Update Jetty from version 9.4.53.v20231009 to version 9.4.54.v20240208 to address CVE-2024-22201

This PR has:

  • been self-reviewed.
  • added documentation for new or modified features or behaviors.
  • a release note entry in the PR description.
  • added Javadocs for most classes and all non-trivial methods. Linked related entities via Javadoc links.
  • added or updated version, license, or notice information in licenses.yaml
  • added comments explaining the "why" and the intent of the code wherever would not be obvious for an unfamiliar reader.
  • added unit tests or modified existing tests to cover new code paths, ensuring the threshold for code coverage is met.
  • added integration tests.
  • been tested in a test Druid cluster.

@FrankChen021 FrankChen021 merged commit d6f59d1 into apache:master Feb 29, 2024
84 checks passed
317brian pushed a commit to 317brian/druid that referenced this pull request Feb 29, 2024
asdf2014 added a commit that referenced this pull request Mar 4, 2024
* docs: add mermaid diagram support

* fix crash when parsing data in data loader that can not be parsed (#15983)

* update jetty to address CVE (#16000)

* Concurrent replace should work with supervisors using concurrent locks (#15995)

* Concurrent replace should work with supervisors using concurrent locks

* Ignore supervisors with useConcurrentLocks set to false

* Apply feedback

* Add pre-check for heavy debug logs (#15706)

Co-authored-by: Kashif Faraz <[email protected]>
Co-authored-by: Benedict Jin <[email protected]>

* Remove helm paths from CodeQL config (#16006)

* docs: mention acid-compliance for metadb

---------

Co-authored-by: Vadim Ogievetsky <[email protected]>
Co-authored-by: Jan Werner <[email protected]>
Co-authored-by: AmatyaAvadhanula <[email protected]>
Co-authored-by: Sensor <[email protected]>
Co-authored-by: Kashif Faraz <[email protected]>
Co-authored-by: Benedict Jin <[email protected]>
@adarshsanjeev adarshsanjeev added this to the 30.0.0 milestone May 6, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants