Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Updating VERSION.TXT (#6313)

This commit is contained in:
Olivier Lamy 2021-05-24 15:52:45 +10:00 committed by GitHub
parent 4f4523d611
commit 26f1c3941f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 62 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

77
VERSION.txt
View File

@ -1,4 +1,45 @@
jetty-11.0.3-SNAPSHOT jetty-11.0.4-SNAPSHOT
jetty-11.0.3 - 20 May 2021
+ 3764 DeprecationWarning Decorator
+ 5306 Default jetty.*.acceptors should be 1
+ 5684 Review disabled tests
+ 5798 jetty-runner startup error with jetty-10
+ 5817 Provide more filtering for CustomRequestLog
+ 6049 Default provider [files] section always executed
+ 6084 GzipHandler: NPE in setDeflaterPoolCapacity and setInflaterPoolCapacity
+ 6098 jetty-cdi is missing from jetty-bom
+ 6099 Cipher preference may break SNI if certificates have different key
types
+ 6105 HttpConnection.getBytesIn() incorrect for requests with chunked content
+ 6106 WebSocket/CDI integration is broken in Jetty 10
+ 6125 Do not allow override of jakarta.* container classes by webapps per
Servlet 5.0 Section 15.2.1
+ 6132 Ambiguous segment in URI in DELETE
/a/projects/foo/branches/refs%2Fheads%2Ftest request after upgrade from
10.0.0 to 10.0.2
+ 6153 jetty-maven-plugin does not correctly pass JVM arguments for external
deployMode
+ 6159 Jetty with Conscrypt unable to handle any HTTPS requests when connected
by IP rather than hostname.
+ 6166 WebSocket MessageInputStream.read() spends a lot of time in
ByteBuffer.compact()
+ 6205 OpenIdAuthenticator may use incorrect redirect
+ 6207 Make ALPN optional in HTTP2Client over TLS
+ 6208 HTTP/2 max local stream count exceeded
+ 6224 make jetty-jspc-maven-plugin @threadSafe
+ 6227 Better resolve race between `AsyncListener.onTimeout` and
`AsyncContext.dispatch`
+ 6238 jetty-keystore Invalid manifest header Bundle-SymbolicName: ""
+ 6250 Lazily allocate HTTP2Stream data queue
+ 6251 Use CyclicTimeout for HTTP2Streams
+ 6254 Total timeout not enforced for queued requests
+ 6263 Review URI encoding in ConcatServlet & WelcomeFilter
+ 6272 Reduce allocation in HttpClient when notifying content listeners
+ 6277 Better handle exceptions thrown from session destroy listener
+ 6280 Copy ServletHolder class/instance properly during startWebapp
+ 6287 Class loading broken for WebSocketClient used inside webapp
jetty-11.0.2 - 26 March 2021 jetty-11.0.2 - 26 March 2021
+ 4275 Path Normalization/Traversal - Context Matching + 4275 Path Normalization/Traversal - Context Matching
@ -24,16 +65,18 @@ jetty-11.0.2 - 26 March 2021
+ 6026 the jvm DEBUG flag is not working org.eclipse.jetty.LEVEL=DEBUG + 6026 the jvm DEBUG flag is not working org.eclipse.jetty.LEVEL=DEBUG
+ 6034 SslContextFactory may select a wildcard certificate during SNI + 6034 SslContextFactory may select a wildcard certificate during SNI
selection when a more specific SSL certificate is present selection when a more specific SSL certificate is present
+ 6037 Review logging modules for j.u.l. + 6037 Review logging modules for j.u.l
+ 6050 Websocket: NotUtf8Exception after upgrade 9.4.35 -> 9.4.36 or newer + 6050 Websocket: NotUtf8Exception after upgrade 9.4.35 -> 9.4.36 or newer
+ 6063 Allow override of hazelcast version when using module + 6063 Allow override of hazelcast version when using module
+ 6072 jetty server high CPU when client send data length > 17408 - Resolves CVE-2021-28165 + 6072 jetty server high CPU when client send data length > 17408 - Resolves
CVE-2021-28165
+ 6076 Embedded Jetty throws null pointer exception + 6076 Embedded Jetty throws null pointer exception
+ 6082 SslConnection compacting + 6082 SslConnection compacting
+ 6085 Jetty keeps Sessions in use after "Duplicate valid session cookies" + 6085 Jetty keeps Sessions in use after "Duplicate valid session cookies"
Message Message
+ 6101 Normalize ambiguous URIs - Resolves CVE-2021-28164 + 6101 Normalize ambiguous URIs - Resolves CVE-2021-28164
+ 6102 Exclude webapps directory from deployment scan - Resolves CVE-2021-28163 + 6102 Exclude webapps directory from deployment scan - Resolves
CVE-2021-28163
jetty-11.0.1 - 19 February 2021 jetty-11.0.1 - 19 February 2021
+ 1673 jetty-demo/etc/keystore should not be distributed + 1673 jetty-demo/etc/keystore should not be distributed
@ -248,7 +291,7 @@ jetty-11.0.0.beta1 - 10 July 2020
SETTINGS Frame. SETTINGS Frame.
+ 4903 Give better errors for non public Websocket Endpoints + 4903 Give better errors for non public Websocket Endpoints
+ 4904 WebsocketClient creates more connections than needed + 4904 WebsocketClient creates more connections than needed
+ 4907 + 4907
org.eclipse.jetty.websocket.tests.SuspendResumeTest#testSuspendAfterClose org.eclipse.jetty.websocket.tests.SuspendResumeTest#testSuspendAfterClose
+ 4920 Restore ability to delete sessions on stop + 4920 Restore ability to delete sessions on stop
+ 4921 Quickstart run improperly runs dynamically added context initializers + 4921 Quickstart run improperly runs dynamically added context initializers
@ -287,24 +330,26 @@ jetty-10.0.2 - 26 March 2021
directory. directory.
+ 6011 OSGi Cannot start Jetty with osgi.boot - Configurations add wrong + 6011 OSGi Cannot start Jetty with osgi.boot - Configurations add wrong
method taken method taken
+ 6020 Review Jetty Maven Plugin scanning defaults + 6020 Review Jetty Maven Plugin scanning defaults
+ 6021 Standardize Path resolution in XmlConfiguration + 6021 Standardize Path resolution in XmlConfiguration
+ 6024 Error starting jetty-10: Provider + 6024 Error starting jetty-10: Provider
org.eclipse.jetty.websocket.javax.client.JavaxWebSocketShutdownContainer not org.eclipse.jetty.websocket.javax.client.JavaxWebSocketShutdownContainer not
found found
+ 6026 the jvm DEBUG flag is not working org.eclipse.jetty.LEVEL=DEBUG + 6026 the jvm DEBUG flag is not working org.eclipse.jetty.LEVEL=DEBUG
+ 6034 SslContextFactory may select a wildcard certificate during SNI + 6034 SslContextFactory may select a wildcard certificate during SNI
selection when a more specific SSL certificate is present selection when a more specific SSL certificate is present
+ 6037 Review logging modules for j.u.l. + 6037 Review logging modules for j.u.l
+ 6050 Websocket: NotUtf8Exception after upgrade 9.4.35 -> 9.4.36 or newer + 6050 Websocket: NotUtf8Exception after upgrade 9.4.35 -> 9.4.36 or newer
+ 6063 Allow override of hazelcast version when using module + 6063 Allow override of hazelcast version when using module
+ 6072 jetty server high CPU when client send data length > 17408 - Resolves CVE-2021-28165 + 6072 jetty server high CPU when client send data length > 17408 - Resolves
+ 6076 Embedded Jetty throws null pointer exception CVE-2021-28165
+ 6076 Embedded Jetty throws null pointer exception
+ 6082 SslConnection compacting + 6082 SslConnection compacting
+ 6085 Jetty keeps Sessions in use after "Duplicate valid session cookies" + 6085 Jetty keeps Sessions in use after "Duplicate valid session cookies"
Message Message
+ 6101 Normalize ambiguous URIs - Resolves CVE-2021-28164 + 6101 Normalize ambiguous URIs - Resolves CVE-2021-28164
+ 6102 Exclude webapps directory from deployment scan - Resolves CVE-2021-28163 + 6102 Exclude webapps directory from deployment scan - Resolves
CVE-2021-28163
jetty-10.0.1 - 19 February 2021 jetty-10.0.1 - 19 February 2021
+ 1673 jetty-demo/etc/keystore should not be distributed + 1673 jetty-demo/etc/keystore should not be distributed
@ -411,11 +456,13 @@ jetty-9.4.39.v20210325 - 25 March 2021
+ 6052 Cleanup TypeUtil and ModuleLocation to allow jetty-client/hybrid to + 6052 Cleanup TypeUtil and ModuleLocation to allow jetty-client/hybrid to
work on Android work on Android
+ 6063 Allow override of hazelcast version when using module + 6063 Allow override of hazelcast version when using module
+ 6072 jetty server high CPU when client send data length > 17408 - Resolves CVE-2021-28165 + 6072 jetty server high CPU when client send data length > 17408 - Resolves
CVE-2021-28165
+ 6085 Jetty keeps Sessions in use after "Duplicate valid session cookies" + 6085 Jetty keeps Sessions in use after "Duplicate valid session cookies"
Message Message
+ 6101 Normalize ambiguous URIs - Resolves CVE-2021-28164 + 6101 Normalize ambiguous URIs - Resolves CVE-2021-28164
+ 6102 Exclude webapps directory from deployment scan - Resolves CVE-2021-28163 + 6102 Exclude webapps directory from deployment scan - Resolves
CVE-2021-28163
jetty-9.4.38.v20210224 - 24 February 2021 jetty-9.4.38.v20210224 - 24 February 2021
+ 4275 Path Normalization/Traversal - Context Matching + 4275 Path Normalization/Traversal - Context Matching
@ -443,8 +490,8 @@ jetty-9.4.37.v20210219 - 19 February 2021
+ 5979 Configurable gzip Etag extension + 5979 Configurable gzip Etag extension
jetty-9.4.36.v20210114 - 14 January 2021 jetty-9.4.36.v20210114 - 14 January 2021
+ 5310 Jetty Http2 client discards the response frames when there is GOAWAY and + 5310 Jetty Http2 client discards the response frames when there is GOAWAY
sends RST_STREAM and sends RST_STREAM
+ 5499 Improve temporary buffer usage for WebSocket PerMessageDeflate + 5499 Improve temporary buffer usage for WebSocket PerMessageDeflate
+ 5633 Allow to configure HttpClient request authority + 5633 Allow to configure HttpClient request authority
+ 5689 Jetty ssl keystorePath doesn't work with absolute path + 5689 Jetty ssl keystorePath doesn't work with absolute path