Chris Walker
GitHub
parent
2001f9f963
commit
ff8cf93efd
33
VERSION.txt
33
VERSION.txt
|
|
@ -67,7 +67,7 @@ jetty-10.0.0 - 02 December 2020
|
|||
+ 5555 NPE for servlet with no mapping
|
||||
+ 5562 ArrayTernaryTrie consumes too much memory
|
||||
+ 5575 Add SEARCH as a known HttpMethod
|
||||
+ 5605 java.io.IOException: unconsumed input during http request parsing
|
||||
+ 5605 java.io.IOException: unconsumed input during http request parsing - Resolves CVE-2020-27218
|
||||
+ 5633 Allow to configure HttpClient request authority
|
||||
+ 5679 Distro argument --list-all-modules does not work
|
||||
+ 5680 No way to see which modules are enabled for the distro
|
||||
|
|
@ -91,7 +91,7 @@ jetty-10.0.0.beta3 - 21 October 2020
|
|||
+ 5443 Request without Host header fails with NullPointerException in
|
||||
ForwardedRequestCustomizer
|
||||
+ 5448 Request.isSecure() returns false for `https` schemes in Jetty 10
|
||||
+ 5451 Improve Working Directory creation
|
||||
+ 5451 Improve Working Directory creation - Resolves CVE-2020-27216
|
||||
+ 5454 Request error context is not reset
|
||||
+ 5475 Update to spifly 1.3.2 and asm 9
|
||||
+ 5480 NPE from WebInfConfiguration.deconfigure during WebAppContext shutdown
|
||||
|
|
@ -136,8 +136,8 @@ jetty-9.4.35.v20201120 - 20 November 2020
|
|||
+ 5539 StatisticsServlet output is not valid
|
||||
+ 5562 ArrayTernaryTrie consumes too much memory
|
||||
+ 5575 Add SEARCH as a known HttpMethod
|
||||
+ 5605 CVE-2020-27218 java.io.IOException: unconsumed input during http
|
||||
request parsing
|
||||
+ 5605 java.io.IOException: unconsumed input during http
|
||||
request parsing - Resolves CVE-2020-27218
|
||||
+ 5633 Allow to configure HttpClient request authority
|
||||
|
||||
jetty-9.4.34.v20201102 - 02 November 2020
|
||||
|
|
@ -161,7 +161,7 @@ jetty-9.4.33.v20201020 - 20 October 2020
|
|||
produced by ForwardedHeader
|
||||
+ 5443 Request without Host header fails with NullPointerException in
|
||||
ForwardedRequestCustomizer
|
||||
+ 5451 Improve Working Directory creation
|
||||
+ 5451 Improve Working Directory creation - Resolves CVE-2020-27216
|
||||
+ 5454 Request error context is not reset
|
||||
+ 5475 Update to spifly 1.3.2 and asm 9
|
||||
+ 5480 NPE from WebInfConfiguration.deconfigure during WebAppContext shutdown
|
||||
|
|
@ -394,7 +394,7 @@ jetty-9.4.30.v20200611 - 11 June 2020
|
|||
+ 4923 SecureRequestCustomizer.SslAttributes does not cache cert chain like
|
||||
before
|
||||
+ 4929 HttpClient: HttpCookieStore.Empty prevents sending cookies
|
||||
+ 4936 Response header overflow leads to buffer corruptions
|
||||
+ 4936 Response header overflow leads to buffer corruptions - Resolves CVE-2019-17638
|
||||
|
||||
jetty-9.4.29.v20200521 - 21 May 2020
|
||||
+ 2188 Lock contention creating HTTP/2 streams
|
||||
|
|
@ -531,7 +531,7 @@ jetty-9.4.24.v20191120 - 20 November 2019
|
|||
+ 3083 The ini-template for jetty.console-capture.dir does not match the
|
||||
default value
|
||||
+ 4128 OpenIdCredetials can't decode JWT ID token
|
||||
+ 4334 Better test ErrorHandler changes
|
||||
+ 4334 Better test ErrorHandler changes - Resolves CVE-2019-17632
|
||||
|
||||
jetty-9.4.23.v20191118 - 18 November 2019
|
||||
+ 1485 Add systemd service file
|
||||
|
|
@ -621,6 +621,7 @@ jetty-9.4.22.v20191022 - 22 October 2019
|
|||
inclusion of sessionid
|
||||
|
||||
jetty-9.4.21.v20190926 - 26 September 2019
|
||||
+ Includes fixes for CVE-2019-9511, CVE-2019-9512, CVE-2019-9514, CVE-2019-9515, CVE-2019-9516, and CVE-2019-9518
|
||||
+ 97 Permanent UnavailableException thrown during servlet request handling
|
||||
should cause servlet destroy
|
||||
+ 137 Support OAuth
|
||||
|
|
@ -766,8 +767,8 @@ jetty-9.4.18.v20190429 - 29 April 2019
|
|||
jetty-9.4.17.v20190418 - 18 April 2019
|
||||
+ 2140 Infinispan and hazelcast changes to scavenge zombie expired sessions
|
||||
+ 3464 Split SslContextFactory into Client and Server
|
||||
+ 3549 Directory Listing on Windows reveals Resource Base path
|
||||
+ 3555 DefaultHandler Reveals Base Resource Path of each Context
|
||||
+ 3549 Directory Listing on Windows reveals Resource Base path - Resolves CVE-2019-10246
|
||||
+ 3555 DefaultHandler Reveals Base Resource Path of each Context - Resolves CVE-2019-10247
|
||||
|
||||
jetty-9.4.16.v20190411 - 11 April 2019
|
||||
+ 1861 Limit total bytes pooled by ByteBufferPools
|
||||
|
|
@ -775,7 +776,7 @@ jetty-9.4.16.v20190411 - 11 April 2019
|
|||
+ 3159 WebSocket permessage-deflate RSV1 validity check
|
||||
+ 3274 OSGi versions of java.base classes in
|
||||
org.apache.felix:org.osgi.foundation:jar conflicts with new rules on Java 9+
|
||||
+ 3319 Modernize Directory Listing: HTML5 and Sorting
|
||||
+ 3319 Modernize Directory Listing: HTML5 and Sorting - Resolves CVE-2019-10241
|
||||
+ 3361 HandlerCollection.addHandler is lacking synchronization
|
||||
+ 3373 OutOfMemoryError: Java heap space in GZIPContentDecoder
|
||||
+ 3389 Websockets jsr356 willDecode not invoked during decoding
|
||||
|
|
@ -848,8 +849,8 @@ jetty-9.3.28.v20191105 - 05 November 2019
|
|||
+ 4217 SslConnection.DecryptedEnpoint.flush eternal busy loop
|
||||
|
||||
jetty-9.3.27.v20190418 - 18 April 2019
|
||||
+ 3549 Directory Listing on Windows reveals Resource Base path
|
||||
+ 3555 DefaultHandler Reveals Base Resource Path of each Context
|
||||
+ 3549 Directory Listing on Windows reveals Resource Base path - Resolves CVE-2019-10246
|
||||
+ 3555 DefaultHandler Reveals Base Resource Path of each Context - Resolves CVE-2019-10247
|
||||
|
||||
jetty-9.3.26.v20190403 - 03 April 2019
|
||||
+ 2954 Improve cause reporting for HttpClient failures
|
||||
|
|
@ -857,17 +858,17 @@ jetty-9.3.26.v20190403 - 03 April 2019
|
|||
org.apache.felix:org.osgi.foundation:jar conflicts with new rules on Java 9+
|
||||
+ 3302 Support host:port in X-Forwarded-For header in
|
||||
ForwardedRequestCustomizer
|
||||
+ 3319 Allow reverse sort for directory listed files
|
||||
+ 3319 Allow reverse sort for directory listed files - Resolves CVE-2019-10241
|
||||
|
||||
jetty-9.2.29.v20191105 - 05 November 2019
|
||||
+ 4217 SslConnection.DecryptedEnpoint.flush eternal busy loop
|
||||
|
||||
jetty-9.2.28.v20190418 - 18 April 2019
|
||||
+ 3549 Directory Listing on Windows reveals Resource Base path
|
||||
+ 3555 DefaultHandler Reveals Base Resource Path of each Context
|
||||
+ 3549 Directory Listing on Windows reveals Resource Base path - Resolves CVE-2019-10246
|
||||
+ 3555 DefaultHandler Reveals Base Resource Path of each Context - Resolves CVE-2019-10247
|
||||
|
||||
jetty-9.2.27.v20190403 - 03 April 2019
|
||||
+ 3319 Refactored Directory Listing to modernize and avoid XSS
|
||||
+ 3319 Refactored Directory Listing to modernize and avoid XSS - Resolves CVE-2019-10241
|
||||
|
||||
jetty-9.4.14.v20181114 - 14 November 2018
|
||||
+ 3097 Duplicated programmatic Servlet Listeners causing duplicate calls
|
||||
|
|
|
|||
Loading…
Reference in New Issue