root
/
kafka
mirror of https://github.com/apache/kafka.git
1
0
Fork 0
Code Issues Actions 4 Packages Projects Releases Wiki Activity
kafka/gradle
History
Lee Dongjin c71ec552d1 KAFKA-12324: Upgrade jetty to fix CVE-2020-27218 
Here is the fix. The reason of [CVE-2020-27218](https://nvd.nist.gov/vuln/detail/CVE-2020-27218) was [Incorrect recycling of `HttpInput`](https://bugs.eclipse.org/bugs/show_bug.cgi?id=568892) and [patched in 9.4.35.v20201120](https://github.com/eclipse/jetty.project/security/advisories/GHSA-86wm-rrjm-8wh8).

This PR updates Jetty dependency into the following version, 9.4.36.v20210114.

Author: Lee Dongjin <dongjin@apache.org>

Reviewers: Manikumar Reddy <manikumar.reddy@gmail.com>

Closes #10177 from dongjinleekr/feature/KAFKA-12324
 		2021-02-22 23:19:06 +05:30
..
resources kafka-2248; Use Apache Rat to enforce copyright headers; patched by Ewen Cheslack-Postava; reviewed by Gwen Shapira, Joel Joshy and Jun Rao 2015-07-06 15:47:40 -07:00
wrapper MINOR: Update to Gradle 6.8.1 (#9953) 2021-01-23 15:54:06 -08:00
buildscript.gradle MINOR: Use https instead of http in links (#6477) 2019-04-22 11:58:25 -07:00
dependencies.gradle KAFKA-12324: Upgrade jetty to fix CVE-2020-27218 2021-02-22 23:19:06 +05:30
rat.gradle MINOR: replace hard-coding utf-8 with StandardCharsets.UTF_8 (#10079) 2021-02-09 10:06:01 +08:00
spotbugs-exclude.xml KAFKA-12327: Remove MethodHandle usage in CompressionType (#10123) 2021-02-14 08:12:25 -08:00