Update VERSION.TXT jetty-10.0.x (#6314)
* Updating VERSION.TXT * add jetty-9.4.41.v20210516 in VERSION.TXT Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
This commit is contained in:
Olivier Lamy
GitHub
parent
725236743f
commit
aec0128f36
78
VERSION.txt
78
VERSION.txt
|
|
@ -1,4 +1,43 @@
|
|||
jetty-10.0.3-SNAPSHOT
|
||||
jetty-10.0.4-SNAPSHOT
|
||||
|
||||
jetty-10.0.3 - 20 May 2021
|
||||
+ 3764 DeprecationWarning Decorator
|
||||
+ 5306 Default jetty.*.acceptors should be 1
|
||||
+ 5684 Review disabled tests
|
||||
+ 5798 jetty-runner startup error with jetty-10
|
||||
+ 5817 Provide more filtering for CustomRequestLog
|
||||
+ 6049 Default provider [files] section always executed
|
||||
+ 6084 GzipHandler: NPE in setDeflaterPoolCapacity and setInflaterPoolCapacity
|
||||
+ 6098 jetty-cdi is missing from jetty-bom
|
||||
+ 6099 Cipher preference may break SNI if certificates have different key
|
||||
types
|
||||
+ 6105 HttpConnection.getBytesIn() incorrect for requests with chunked content
|
||||
|
||||
+ 6106 WebSocket/CDI integration is broken in Jetty 10
|
||||
+ 6132 Ambiguous segment in URI in DELETE
|
||||
/a/projects/foo/branches/refs%2Fheads%2Ftest request after upgrade from
|
||||
10.0.0 to 10.0.2
|
||||
+ 6153 jetty-maven-plugin does not correctly pass JVM arguments for external
|
||||
deployMode
|
||||
+ 6159 Jetty with Conscrypt unable to handle any HTTPS requests when connected
|
||||
by IP rather than hostname.
|
||||
+ 6166 WebSocket MessageInputStream.read() spends a lot of time in
|
||||
ByteBuffer.compact()
|
||||
+ 6205 OpenIdAuthenticator may use incorrect redirect
|
||||
+ 6207 Make ALPN optional in HTTP2Client over TLS
|
||||
+ 6208 HTTP/2 max local stream count exceeded
|
||||
+ 6224 make jetty-jspc-maven-plugin @threadSafe
|
||||
+ 6227 Better resolve race between `AsyncListener.onTimeout` and
|
||||
`AsyncContext.dispatch`
|
||||
+ 6238 jetty-keystore Invalid manifest header Bundle-SymbolicName: ""
|
||||
+ 6250 Lazily allocate HTTP2Stream data queue
|
||||
+ 6251 Use CyclicTimeout for HTTP2Streams
|
||||
+ 6254 Total timeout not enforced for queued requests
|
||||
+ 6263 Review URI encoding in ConcatServlet & WelcomeFilter
|
||||
+ 6272 Reduce allocation in HttpClient when notifying content listeners
|
||||
+ 6277 Better handle exceptions thrown from session destroy listener
|
||||
+ 6280 Copy ServletHolder class/instance properly during startWebapp
|
||||
+ 6287 Class loading broken for WebSocketClient used inside webapp
|
||||
|
||||
jetty-10.0.2 - 26 March 2021
|
||||
+ 4275 Path Normalization/Traversal - Context Matching
|
||||
|
|
@ -16,24 +55,26 @@ jetty-10.0.2 - 26 March 2021
|
|||
directory.
|
||||
+ 6011 OSGi Cannot start Jetty with osgi.boot - Configurations add wrong
|
||||
method taken
|
||||
+ 6020 Review Jetty Maven Plugin scanning defaults
|
||||
+ 6020 Review Jetty Maven Plugin scanning defaults
|
||||
+ 6021 Standardize Path resolution in XmlConfiguration
|
||||
+ 6024 Error starting jetty-10: Provider
|
||||
org.eclipse.jetty.websocket.javax.client.JavaxWebSocketShutdownContainer not
|
||||
found
|
||||
+ 6026 the jvm DEBUG flag is not working org.eclipse.jetty.LEVEL=DEBUG
|
||||
+ 6026 the jvm DEBUG flag is not working org.eclipse.jetty.LEVEL=DEBUG
|
||||
+ 6034 SslContextFactory may select a wildcard certificate during SNI
|
||||
selection when a more specific SSL certificate is present
|
||||
+ 6037 Review logging modules for j.u.l.
|
||||
+ 6037 Review logging modules for j.u.l
|
||||
+ 6050 Websocket: NotUtf8Exception after upgrade 9.4.35 -> 9.4.36 or newer
|
||||
+ 6063 Allow override of hazelcast version when using module
|
||||
+ 6072 jetty server high CPU when client send data length > 17408 - Resolves CVE-2021-28165
|
||||
+ 6076 Embedded Jetty throws null pointer exception
|
||||
+ 6072 jetty server high CPU when client send data length > 17408 - Resolves
|
||||
CVE-2021-28165
|
||||
+ 6076 Embedded Jetty throws null pointer exception
|
||||
+ 6082 SslConnection compacting
|
||||
+ 6085 Jetty keeps Sessions in use after "Duplicate valid session cookies"
|
||||
Message
|
||||
+ 6101 Normalize ambiguous URIs - Resolves CVE-2021-28164
|
||||
+ 6102 Exclude webapps directory from deployment scan - Resolves CVE-2021-28163
|
||||
+ 6102 Exclude webapps directory from deployment scan - Resolves
|
||||
CVE-2021-28163
|
||||
|
||||
jetty-10.0.1 - 19 February 2021
|
||||
+ 1673 jetty-demo/etc/keystore should not be distributed
|
||||
|
|
@ -133,6 +174,19 @@ jetty-10.0.0.beta3 - 21 October 2020
|
|||
+ 5475 Update to spifly 1.3.2 and asm 9
|
||||
+ 5480 NPE from WebInfConfiguration.deconfigure during WebAppContext shutdown
|
||||
|
||||
jetty-9.4.41.v20210516 - 16 May 2021
|
||||
+ 6099 Cipher preference may break SNI if certificates have different key
|
||||
types
|
||||
+ 6186 Add Null Protection on Log / Logger
|
||||
+ 6205 OpenIdAuthenticator may use incorrect redirect
|
||||
+ 6208 HTTP/2 max local stream count exceeded
|
||||
+ 6227 Better resolve race between `AsyncListener.onTimeout` and
|
||||
`AsyncContext.dispatch`
|
||||
+ 6254 Total timeout not enforced for queued requests
|
||||
+ 6263 Review URI encoding in ConcatServlet & WelcomeFilter
|
||||
+ 6277 Better handle exceptions thrown from session destroy listener
|
||||
+ 6280 Copy ServletHolder class/instance properly during startWebapp
|
||||
|
||||
jetty-9.4.39.v20210325 - 25 March 2021
|
||||
+ 6034 SslContextFactory may select a wildcard certificate during SNI
|
||||
selection when a more specific SSL certificate is present
|
||||
|
|
@ -140,11 +194,13 @@ jetty-9.4.39.v20210325 - 25 March 2021
|
|||
+ 6052 Cleanup TypeUtil and ModuleLocation to allow jetty-client/hybrid to
|
||||
work on Android
|
||||
+ 6063 Allow override of hazelcast version when using module
|
||||
+ 6072 jetty server high CPU when client send data length > 17408 - Resolves CVE-2021-28165
|
||||
+ 6072 jetty server high CPU when client send data length > 17408 - Resolves
|
||||
CVE-2021-28165
|
||||
+ 6085 Jetty keeps Sessions in use after "Duplicate valid session cookies"
|
||||
Message
|
||||
+ 6101 Normalize ambiguous URIs - Resolves CVE-2021-28164
|
||||
+ 6102 Exclude webapps directory from deployment scan - Resolves CVE-2021-28163
|
||||
+ 6102 Exclude webapps directory from deployment scan - Resolves
|
||||
CVE-2021-28163
|
||||
|
||||
jetty-9.4.38.v20210224 - 24 February 2021
|
||||
+ 4275 Path Normalization/Traversal - Context Matching
|
||||
|
|
@ -172,8 +228,8 @@ jetty-9.4.37.v20210219 - 19 February 2021
|
|||
+ 5979 Configurable gzip Etag extension
|
||||
|
||||
jetty-9.4.36.v20210114 - 14 January 2021
|
||||
+ 5310 Jetty Http2 client discards the response frames when there is GOAWAY and
|
||||
sends RST_STREAM
|
||||
+ 5310 Jetty Http2 client discards the response frames when there is GOAWAY
|
||||
and sends RST_STREAM
|
||||
+ 5499 Improve temporary buffer usage for WebSocket PerMessageDeflate
|
||||
+ 5633 Allow to configure HttpClient request authority
|
||||
+ 5689 Jetty ssl keystorePath doesn't work with absolute path
|
||||
|
|
|
|||
Loading…
Reference in New Issue