diff --git a/LICENSE-binary b/LICENSE-binary index 7da76cc0ce8..b2b5a3cecda 100644 --- a/LICENSE-binary +++ b/LICENSE-binary @@ -352,26 +352,20 @@ org.codehaus.jackson:jackson-jaxrs:1.9.13 org.codehaus.jackson:jackson-mapper-asl:1.9.13 org.codehaus.jackson:jackson-xc:1.9.13 org.codehaus.jettison:jettison:1.1 -org.eclipse.jetty:jetty-annotations:9.4.40.v20210413 -org.eclipse.jetty:jetty-client:9.4.40.v20210413 -org.eclipse.jetty:jetty-http:9.4.40.v20210413 -org.eclipse.jetty:jetty-io:9.4.40.v20210413 -org.eclipse.jetty:jetty-jndi:9.4.40.v20210413 -org.eclipse.jetty:jetty-plus:9.4.40.v20210413 -org.eclipse.jetty:jetty-security:9.4.40.v20210413 -org.eclipse.jetty:jetty-server:9.4.40.v20210413 -org.eclipse.jetty:jetty-servlet:9.4.40.v20210413 -org.eclipse.jetty:jetty-util:9.4.40.v20210413 -org.eclipse.jetty:jetty-util-ajax:9.4.40.v20210413 -org.eclipse.jetty:jetty-webapp:9.4.40.v20210413 -org.eclipse.jetty:jetty-xml:9.4.40.v20210413 -org.eclipse.jetty.websocket:javax-websocket-client-impl:9.4.40.v20210413 -org.eclipse.jetty.websocket:javax-websocket-server-impl:9.4.40.v20210413 -org.eclipse.jetty.websocket:websocket-api:9.4.40.v20210413 -org.eclipse.jetty.websocket:websocket-client:9.4.40.v20210413 -org.eclipse.jetty.websocket:websocket-common:9.4.40.v20210413 -org.eclipse.jetty.websocket:websocket-server:9.4.40.v20210413 -org.eclipse.jetty.websocket:websocket-servlet:9.4.40.v20210413 +org.eclipse.jetty:jetty-annotations:9.4.48.v20220622 +org.eclipse.jetty:jetty-http:9.4.48.v20220622 +org.eclipse.jetty:jetty-io:9.4.48.v20220622 +org.eclipse.jetty:jetty-jndi:9.4.48.v20220622 +org.eclipse.jetty:jetty-plus:9.4.48.v20220622 +org.eclipse.jetty:jetty-security:9.4.48.v20220622 +org.eclipse.jetty:jetty-server:9.4.48.v20220622 +org.eclipse.jetty:jetty-servlet:9.4.48.v20220622 +org.eclipse.jetty:jetty-util:9.4.48.v20220622 +org.eclipse.jetty:jetty-util-ajax:9.4.48.v20220622 +org.eclipse.jetty:jetty-webapp:9.4.48.v20220622 +org.eclipse.jetty:jetty-xml:9.4.48.v20220622 +org.eclipse.jetty.websocket:javax-websocket-client-impl:9.4.48.v20220622 +org.eclipse.jetty.websocket:javax-websocket-server-impl:9.4.48.v20220622 org.ehcache:ehcache:3.3.1 org.lz4:lz4-java:1.7.1 org.objenesis:objenesis:2.6 diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java index 48c606788d0..8dadbe390a5 100644 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java +++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java @@ -95,7 +95,7 @@ import org.eclipse.jetty.server.SecureRequestCustomizer; import org.eclipse.jetty.server.Server; import org.eclipse.jetty.server.ServerConnector; import org.eclipse.jetty.server.SslConnectionFactory; -import org.eclipse.jetty.server.handler.AllowSymLinkAliasChecker; +import org.eclipse.jetty.server.SymlinkAllowedResourceAliasChecker; import org.eclipse.jetty.server.handler.ContextHandlerCollection; import org.eclipse.jetty.server.handler.HandlerCollection; import org.eclipse.jetty.server.handler.RequestLogHandler; @@ -872,7 +872,7 @@ public final class HttpServer2 implements FilterContainer { handler.setHttpOnly(true); handler.getSessionCookieConfig().setSecure(true); logContext.setSessionHandler(handler); - logContext.addAliasCheck(new AllowSymLinkAliasChecker()); + logContext.addAliasCheck(new SymlinkAllowedResourceAliasChecker(logContext)); setContextAttributes(logContext, conf); addNoCacheFilter(logContext); defaultContexts.put(logContext, true); @@ -891,7 +891,7 @@ public final class HttpServer2 implements FilterContainer { handler.setHttpOnly(true); handler.getSessionCookieConfig().setSecure(true); staticContext.setSessionHandler(handler); - staticContext.addAliasCheck(new AllowSymLinkAliasChecker()); + staticContext.addAliasCheck(new SymlinkAllowedResourceAliasChecker(staticContext)); setContextAttributes(staticContext, conf); defaultContexts.put(staticContext, true); } diff --git a/hadoop-project/pom.xml b/hadoop-project/pom.xml index 8a44fcad5d7..c23bbe2d7af 100644 --- a/hadoop-project/pom.xml +++ b/hadoop-project/pom.xml @@ -37,7 +37,7 @@ true true - 9.4.43.v20210629 + 9.4.48.v20220622 _ _