[SERVER-3035] Update Jetty to 9.4.42 - Puppet Jira Server

XML

Word

Printable

Details

Type: Task
Status: Resolved
Priority: Normal
Resolution: Fixed
Affects Version/s: None
Fix Version/s: SERVER 6.16.1, SERVER 7.2.1
Component/s: None
Labels:
- docs-reviewed

Team:
Froyo
Sprint:
Froyo - 6/30/2021

Release Notes:
Security Fix
Release Notes Summary:
Update jetty to 9.4.42, which resolves CVE-2021-28169.

QA Risk Assessment:
Needs Assessment

Description

Jetty has disclosed CVE-2021-28169 (See SEC-620). Which effects us (currently using 9.4.40). We do not believe any of our products are affected, however we should take this opportunity to update to the latest patch release of the 9.4.x series anyways.

Attachments

Activity

People

Assignee:: Justin Stoller

Reporter:: Justin Stoller

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2021/06/23 3:33 PM

Updated:: 2021/07/12 10:48 AM

Resolved:: 2021/06/30 11:20 AM