commit jetty-minimal for openSUSE:Factory

Source-Sync Fri, 13 Oct 2023 10:16:23 -0700

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package jetty-minimal for openSUSE:Factory 
checked in at 2023-10-12 23:44:38
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/jetty-minimal (Old)
 and      /work/SRC/openSUSE:Factory/.jetty-minimal.new.1807 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "jetty-minimal"

Thu Oct 12 23:44:38 2023 rev:20 rq:1117494 version:9.4.53

Changes:
--------
--- /work/SRC/openSUSE:Factory/jetty-minimal/jetty-minimal.changes      
2023-09-10 13:11:45.429827546 +0200
+++ /work/SRC/openSUSE:Factory/.jetty-minimal.new.1807/jetty-minimal.changes    
2023-10-12 23:47:54.909509605 +0200
@@ -1,0 +2,26 @@
+Thu Oct 12 15:51:00 UTC 2023 - Fridrich Strba <fst...@suse.com>
+
+- Upgrade to version 9.4.53.v20231009
+  * Fixes of 9.4.53.v20231009
+    + CVE-2023-44487, bsc#1216169
+    + CVE-2023-36478, bsc#1216162
+    + #10679 - backport HTTP/2 rate control from Jetty 10.0.x
+    + #10573 - backport hpack improvements from Jetty 10.0.x
+    + #10546 - backport jetty-http Huffman encoders/decoders from
+      Jetty 10.0.x
+  * Fixes of 9.4.52.v20230823
+    + #10352 - Jetty accepts "+" prefixed value in Content-Length
+      (CVE-2023-40167, bsc#1215417)
+    + #10337 - SizeLimitHandler does not enforce 0 responseLimit
+    + #10169 - make sure that a ServiceLoader is retrieved before
+      iterating 
+    + #10066 - Allow SAXParserFactory or SAXParser to be configured
+      in Jetty's XmlParser class - Allows for GHSA-58qw-p7qm-5rvh
+      workaround
+    + #9887 - Deprecate CGI Servlet (CVE-2023-36479, bsc#1215415)
+    + #9716 - Deprecate PushSessionCacheFilter
+    + #9660 - OpenId Revoked authentication allows one request
+      (CVE-2023-41900, bsc#1215416)
+    + #9476 - onCompleteFailure called multiple times
+
+-------------------------------------------------------------------
jetty-unixsocket.changes: same change
jetty-websocket.changes: same change

Old:
----
  jetty.project-jetty-9.4.51.v20230217.tar.gz

New:
----
  jetty.project-jetty-9.4.53.v20231009.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ jetty-minimal.spec ++++++
--- /var/tmp/diff_new_pack.p9CHMq/_old  2023-10-12 23:47:56.197556243 +0200
+++ /var/tmp/diff_new_pack.p9CHMq/_new  2023-10-12 23:47:56.201556388 +0200
@@ -18,10 +18,10 @@
 
 
 %global base_name jetty
-%global addver  .v20230217
+%global addver  .v20231009
 %define src_name %{base_name}.project-%{base_name}-%{version}%{addver}
 Name:           %{base_name}-minimal
-Version:        9.4.51
+Version:        9.4.53
 Release:        0
 Summary:        Java Webserver and Servlet Container
 License:        Apache-2.0 OR EPL-1.0
@@ -43,15 +43,16 @@
 BuildRequires:  mvn(org.codehaus.mojo:build-helper-maven-plugin)
 BuildRequires:  mvn(org.eclipse.jetty.orbit:javax.mail.glassfish)
 BuildRequires:  mvn(org.eclipse.jetty.toolchain:jetty-schemas)
+BuildRequires:  mvn(org.jboss.logging:jboss-logging)
 BuildRequires:  mvn(org.ow2.asm:asm)
 BuildRequires:  mvn(org.ow2.asm:asm-commons)
 BuildRequires:  mvn(org.slf4j:slf4j-api)
+BuildArch:      noarch
 %ifarch %{ix86}
 BuildConflicts: java >= 12
 BuildConflicts: java-devel >= 12
 BuildConflicts: java-headless >= 12
 %endif
-BuildArch:      noarch
 
 %description
 

++++++ jetty-unixsocket.spec ++++++
--- /var/tmp/diff_new_pack.p9CHMq/_old  2023-10-12 23:47:56.225557257 +0200
+++ /var/tmp/diff_new_pack.p9CHMq/_new  2023-10-12 23:47:56.229557402 +0200
@@ -18,10 +18,10 @@
 
 
 %global base_name jetty
-%global addver  .v20230217
+%global addver  .v20231009
 %define src_name %{base_name}.project-%{base_name}-%{version}%{addver}
 Name:           %{base_name}-unixsocket
-Version:        9.4.51
+Version:        9.4.53
 Release:        0
 Summary:        The unixsocket modules for Jetty
 License:        Apache-2.0 OR EPL-1.0

++++++ jetty-websocket.spec ++++++
--- /var/tmp/diff_new_pack.p9CHMq/_old  2023-10-12 23:47:56.253558270 +0200
+++ /var/tmp/diff_new_pack.p9CHMq/_new  2023-10-12 23:47:56.257558415 +0200
@@ -18,10 +18,10 @@
 
 
 %global base_name jetty
-%global addver  .v20230217
+%global addver  .v20231009
 %define src_name %{base_name}.project-%{base_name}-%{version}%{addver}
 Name:           %{base_name}-websocket
-Version:        9.4.51
+Version:        9.4.53
 Release:        0
 Summary:        The websocket modules for Jetty
 License:        Apache-2.0 OR EPL-1.0

++++++ jetty.project-jetty-9.4.51.v20230217.tar.gz -> 
jetty.project-jetty-9.4.53.v20231009.tar.gz ++++++
/work/SRC/openSUSE:Factory/jetty-minimal/jetty.project-jetty-9.4.51.v20230217.tar.gz
 
/work/SRC/openSUSE:Factory/.jetty-minimal.new.1807/jetty.project-jetty-9.4.53.v20231009.tar.gz
 differ: char 12, line 1

commit jetty-minimal for openSUSE:Factory

Reply via email to