Details
-
Bug
-
Status: Closed
-
Critical
-
Resolution: Fixed
-
2.0, 2.0.1, 2.0.2, 2.1
-
Security Level: public (Regular issues)
-
None
Description
See http://svn.codehaus.org/jetty/jetty/branches/jetty-6.1/VERSION.txt
Fixed in 6.1.7 -
- JETTY-386 CERT-553235 backout fix and replaced with ContextHandler.setCompactPath(boolean)
Fixed in 6.1.6rc1 - - CERT VU#38616 handle single quotes in cookie names.
- JETTY-452 CERT VU#237888 Dump Servlet - prevent cross site scripting
Fixed in 6.1.6rc0 - - CVE-2007-5615 Added protection for response splitting with bad headers.
Already fixed in 2.1.
Creating as a placeholder for the 2.0.3 release.