[jira] [Resolved] (KARAF-7777) Update Eclipse Jetty to solve CVE-2023-44487

Jira Mon, 30 Oct 2023 00:00:28 -0700


     [ 
https://issues.apache.org/jira/browse/KARAF-7777?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Jean-Baptiste Onofré resolved KARAF-7777.
-----------------------------------------
    Resolution: Invalid

Already planned with Pax Web update as well.

> Update Eclipse Jetty to solve CVE-2023-44487
> --------------------------------------------
>
>                 Key: KARAF-7777
>                 URL: https://issues.apache.org/jira/browse/KARAF-7777
>             Project: Karaf
>          Issue Type: Dependency upgrade
>          Components: karaf
>    Affects Versions: 4.4.4
>            Reporter: Prabhakaran Rajendran
>            Priority: Major
>              Labels: security
>
> As per [https://nvd.nist.gov/vuln/detail/CVE-2023-44487], Eclipse Jetty till 
> 9.4.52 is affected by this vulnerability. To solve it, upgrade to 9.4.53 
> should be used. Hence this 3pp update is needed in Karaf.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Resolved] (KARAF-7777) Update Eclipse Jetty to solve CVE-2023-44487

Reply via email to