Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update for published advisories

This commit is contained in:
Joakim Erdfelt 2024-10-14 10:39:43 -05:00
parent 281554686d 2cacc3b95d
commit 3477802bbf
No known key found for this signature in database
GPG Key ID: 2D0E1FB8FE4B68B4
1 changed files with 10 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
VERSION.txt
View File

@ -1,13 +1,13 @@
jetty-11.0.25-SNAPSHOT
jetty-11.0.24 - 26 August 2024
+ 12201 backport ThreadLimitHandler improvements from Jetty 12
+ 12201 backport ThreadLimitHandler improvements from Jetty 12 (CVE-2024-8184)
jetty-10.0.24 - 26 August 2024
+ 12201 backport ThreadLimitHandler improvements from Jetty 12
+ 12201 backport ThreadLimitHandler improvements from Jetty 12 (CVE-2024-8184)
jetty-9.4.56.v20240826 - 26 August 2024
+ 12200 Backport ThreadLimitHandler improvements from Jetty 12
+ 12200 Backport ThreadLimitHandler improvements from Jetty 12 (CVE-2024-8184)
jetty-11.0.23 - 13 August 2024
+ 12041 backport tracking retainable pool from Jetty 12
@ -45,7 +45,7 @@ jetty-10.0.21 - 14 May 2024
+ 11782 HttpExchange retained by HttpSenderOverHTTP which caused memory leak
jetty-9.4.54.v20240208 - 08 February 2024
+ 1256 DoSFilter leaks USER_AUTH entries
+ 1256 DoSFilter leaks USER_AUTH entries (CVE-2024-9823)
+ 11259 HTTP/2 connection not closed after idle timeout when TCP congested
(CVE-2024-22201)
+ 11389 Strip default ports on ws/wss scheme uris too
@ -78,7 +78,7 @@ jetty-11.0.19 - 15 December 2023
+ 11014 RedirectRegexRule and RewritePatternRule should consider
relativeRedirectAllowed
+ 11031 HttpClient should expose Connection/EndPoint used by HTTP requests
+ 11039 Memory leak and multiple (Http|Servlet)*Listener invokations after
+ 11039 Memory leak and multiple (Http|Servlet)*Listener invocations after
restart
+ 11044 Update jetty-11 to apache jasper 10.0.27
@ -90,12 +90,13 @@ jetty-10.0.19 - 15 December 2023
+ 11014 RedirectRegexRule and RewritePatternRule should consider
relativeRedirectAllowed
+ 11031 HttpClient should expose Connection/EndPoint used by HTTP requests
+ 11039 Memory leak and multiple (Http|Servlet)*Listener invokations after
+ 11039 Memory leak and multiple (Http|Servlet)*Listener invocations after
restart
+ 11043 Update to apache jasper 9.0.83
jetty-11.0.18 - 26 October 2023
+ 1256 DoSFilter leaks USER_AUTH entries
+ 1256 DoSFilter leaks USER_AUTH entries (CVE-2024-9823)
+ 9715 Deprecate PushSessionCacheFilter (CVE-2024-6762)
+ 10390 Jetty HTTP/3 Client fails when connecting to `nghttpx` server
+ 10519 java.lang.IllegalStateException: Flusher when using HTTP/3 with Spring
Boot 3.2
@ -110,7 +111,8 @@ jetty-11.0.18 - 26 October 2023
+ 10786 TLS handshake failures leak HttpConnection.RequestTimeouts tasks
jetty-10.0.18 - 26 October 2023
+ 1256 DoSFilter leaks USER_AUTH entries
+ 1256 DoSFilter leaks USER_AUTH entries (CVE-2024-9823)
+ 9715 Deprecate PushSessionCacheFilter (CVE-2024-6762)
+ 10390 Jetty HTTP/3 Client fails when connecting to `nghttpx` server
+ 10519 java.lang.IllegalStateException: Flusher when using HTTP/3 with Spring
Boot 3.2