diff --git a/LICENSE-binary b/LICENSE-binary
index 7da76cc0ce8..b2b5a3cecda 100644
--- a/LICENSE-binary
+++ b/LICENSE-binary
@@ -352,26 +352,20 @@ org.codehaus.jackson:jackson-jaxrs:1.9.13
org.codehaus.jackson:jackson-mapper-asl:1.9.13
org.codehaus.jackson:jackson-xc:1.9.13
org.codehaus.jettison:jettison:1.1
-org.eclipse.jetty:jetty-annotations:9.4.40.v20210413
-org.eclipse.jetty:jetty-client:9.4.40.v20210413
-org.eclipse.jetty:jetty-http:9.4.40.v20210413
-org.eclipse.jetty:jetty-io:9.4.40.v20210413
-org.eclipse.jetty:jetty-jndi:9.4.40.v20210413
-org.eclipse.jetty:jetty-plus:9.4.40.v20210413
-org.eclipse.jetty:jetty-security:9.4.40.v20210413
-org.eclipse.jetty:jetty-server:9.4.40.v20210413
-org.eclipse.jetty:jetty-servlet:9.4.40.v20210413
-org.eclipse.jetty:jetty-util:9.4.40.v20210413
-org.eclipse.jetty:jetty-util-ajax:9.4.40.v20210413
-org.eclipse.jetty:jetty-webapp:9.4.40.v20210413
-org.eclipse.jetty:jetty-xml:9.4.40.v20210413
-org.eclipse.jetty.websocket:javax-websocket-client-impl:9.4.40.v20210413
-org.eclipse.jetty.websocket:javax-websocket-server-impl:9.4.40.v20210413
-org.eclipse.jetty.websocket:websocket-api:9.4.40.v20210413
-org.eclipse.jetty.websocket:websocket-client:9.4.40.v20210413
-org.eclipse.jetty.websocket:websocket-common:9.4.40.v20210413
-org.eclipse.jetty.websocket:websocket-server:9.4.40.v20210413
-org.eclipse.jetty.websocket:websocket-servlet:9.4.40.v20210413
+org.eclipse.jetty:jetty-annotations:9.4.48.v20220622
+org.eclipse.jetty:jetty-http:9.4.48.v20220622
+org.eclipse.jetty:jetty-io:9.4.48.v20220622
+org.eclipse.jetty:jetty-jndi:9.4.48.v20220622
+org.eclipse.jetty:jetty-plus:9.4.48.v20220622
+org.eclipse.jetty:jetty-security:9.4.48.v20220622
+org.eclipse.jetty:jetty-server:9.4.48.v20220622
+org.eclipse.jetty:jetty-servlet:9.4.48.v20220622
+org.eclipse.jetty:jetty-util:9.4.48.v20220622
+org.eclipse.jetty:jetty-util-ajax:9.4.48.v20220622
+org.eclipse.jetty:jetty-webapp:9.4.48.v20220622
+org.eclipse.jetty:jetty-xml:9.4.48.v20220622
+org.eclipse.jetty.websocket:javax-websocket-client-impl:9.4.48.v20220622
+org.eclipse.jetty.websocket:javax-websocket-server-impl:9.4.48.v20220622
org.ehcache:ehcache:3.3.1
org.lz4:lz4-java:1.7.1
org.objenesis:objenesis:2.6
diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java
index 48c606788d0..8dadbe390a5 100644
--- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java
+++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java
@@ -95,7 +95,7 @@ import org.eclipse.jetty.server.SecureRequestCustomizer;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.server.SslConnectionFactory;
-import org.eclipse.jetty.server.handler.AllowSymLinkAliasChecker;
+import org.eclipse.jetty.server.SymlinkAllowedResourceAliasChecker;
import org.eclipse.jetty.server.handler.ContextHandlerCollection;
import org.eclipse.jetty.server.handler.HandlerCollection;
import org.eclipse.jetty.server.handler.RequestLogHandler;
@@ -872,7 +872,7 @@ public final class HttpServer2 implements FilterContainer {
handler.setHttpOnly(true);
handler.getSessionCookieConfig().setSecure(true);
logContext.setSessionHandler(handler);
- logContext.addAliasCheck(new AllowSymLinkAliasChecker());
+ logContext.addAliasCheck(new SymlinkAllowedResourceAliasChecker(logContext));
setContextAttributes(logContext, conf);
addNoCacheFilter(logContext);
defaultContexts.put(logContext, true);
@@ -891,7 +891,7 @@ public final class HttpServer2 implements FilterContainer {
handler.setHttpOnly(true);
handler.getSessionCookieConfig().setSecure(true);
staticContext.setSessionHandler(handler);
- staticContext.addAliasCheck(new AllowSymLinkAliasChecker());
+ staticContext.addAliasCheck(new SymlinkAllowedResourceAliasChecker(staticContext));
setContextAttributes(staticContext, conf);
defaultContexts.put(staticContext, true);
}
diff --git a/hadoop-project/pom.xml b/hadoop-project/pom.xml
index 8a44fcad5d7..c23bbe2d7af 100644
--- a/hadoop-project/pom.xml
+++ b/hadoop-project/pom.xml
@@ -37,7 +37,7 @@
true
true
- 9.4.43.v20210629
+ 9.4.48.v20220622
_
_