[KAFKA-12655] CVE-2021-28165 - Upgrade jetty to 9.4.39 - ASF JIRA

Agile Board

Attach files

Attach Screenshot

Voters

Watch issue

Watchers

Create sub-task

Link

Clone

Update Comment Author

Replace String in Comment

Update Comment Visibility

Delete Comments

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 2.7.0, 2.6.1
Fix Version/s: 2.8.0, 2.7.1, 2.6.2, 3.0.0
Component/s: None
Labels:
- CVE
- security

Description

CVE-2021-28165 vulnerability affects Jetty versions up to 9.4.38. For more information see https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28165

Upgrading to Jetty version 9.4.39 should address this issue (https://github.com/eclipse/jetty.project/releases/tag/jetty-9.4.39.v20210325).

Attachments

Add Link

Issue Links

links to

GitHub Pull Request #10526

Delete this link

Activity

Comment

$i18n.getText('security.level.explanation', $currentSelection) Viewable by All Users

Cancel

People

Assignee:

Dongjin Lee

Reporter:

Edwin Hobor

Votes:

0 Vote for this issue

Watchers:

2 Start watching this issue

Dates

Created:

12/Apr/21 08:15

Updated:

15/Jul/21 13:20

Resolved:

13/Apr/21 06:41

Agile

View on Board

Details

Description

Attachments

Attachments

Issue Links

Activity

People

Dates

Agile

Issue deployment