Update jetty version to 9.4.35.v20201120
Includes a fix for CVE-2020-27218 [1] that affects versions prior to 9.4.35.v20201120. As of: [2] new dependency was added to jetty-servlet: jetty-util-ajax. [1] https://nvd.nist.gov/vuln/detail/CVE-2020-27218 [2] https://github.com/eclipse/jetty.project/issues/5539 Change-Id: I51549c9588f5748f36e145f8c4b347f97c08b4d8
This commit is contained in:
David Ostrovsky
@@ -73,6 +73,7 @@ Apache2.0
|
||||
* jetty:server
|
||||
* jetty:servlet
|
||||
* jetty:util
|
||||
* jetty:util-ajax
|
||||
* log:json-smart
|
||||
* log:jsonevent-layout
|
||||
* log:log4j
|
||||
|
||||
25
WORKSPACE
25
WORKSPACE
@@ -873,54 +873,61 @@ maven_jar(
|
||||
sha1 = "7e060dd5b19431e6d198e91ff670644372f60fbd",
|
||||
)
|
||||
|
||||
JETTY_VERS = "9.4.33.v20201020"
|
||||
JETTY_VERS = "9.4.35.v20201120"
|
||||
|
||||
maven_jar(
|
||||
name = "jetty-servlet",
|
||||
artifact = "org.eclipse.jetty:jetty-servlet:" + JETTY_VERS,
|
||||
sha1 = "101609e8e5365c4406e4448099459eb605ac551f",
|
||||
sha1 = "3e61bcb471e1bfc545ce866cbbe33c3aedeec9b1",
|
||||
)
|
||||
|
||||
maven_jar(
|
||||
name = "jetty-security",
|
||||
artifact = "org.eclipse.jetty:jetty-security:" + JETTY_VERS,
|
||||
sha1 = "c150bf2aca6cb1636e7195f844a2bb156546e50e",
|
||||
sha1 = "80dc2f422789c78315de76d289b7a5b36c3232d5",
|
||||
)
|
||||
|
||||
maven_jar(
|
||||
name = "jetty-server",
|
||||
artifact = "org.eclipse.jetty:jetty-server:" + JETTY_VERS,
|
||||
sha1 = "f586ff2ee048ad2575866c1833d854288f402307",
|
||||
sha1 = "513502352fd689d4730b2935421b990ada8cc818",
|
||||
)
|
||||
|
||||
maven_jar(
|
||||
name = "jetty-jmx",
|
||||
artifact = "org.eclipse.jetty:jetty-jmx:" + JETTY_VERS,
|
||||
sha1 = "56b723070eeafc51b943cd9bf1a064a037e806a7",
|
||||
sha1 = "38812031940a466d626ab5d9bbbd9d5d39e9f735",
|
||||
)
|
||||
|
||||
maven_jar(
|
||||
name = "jetty-continuation",
|
||||
artifact = "org.eclipse.jetty:jetty-continuation:" + JETTY_VERS,
|
||||
sha1 = "f672e58d528fc83060558ab4fc6a797c8137dfcb",
|
||||
sha1 = "09f021e5895471f622ec8f95e28f5815ea7ee192",
|
||||
)
|
||||
|
||||
maven_jar(
|
||||
name = "jetty-http",
|
||||
artifact = "org.eclipse.jetty:jetty-http:" + JETTY_VERS,
|
||||
sha1 = "ad28940f89ffde6ec1bd1656fe3f8493b01ba3c2",
|
||||
sha1 = "45d35131a35a1e76991682174421e8cdf765fb9f",
|
||||
)
|
||||
|
||||
maven_jar(
|
||||
name = "jetty-io",
|
||||
artifact = "org.eclipse.jetty:jetty-io:" + JETTY_VERS,
|
||||
sha1 = "9e4b0048285b71f4769908780f957a470eca11da",
|
||||
sha1 = "eb9460700b99b71ecd82a53697f5ff99f69b9e1c",
|
||||
)
|
||||
|
||||
maven_jar(
|
||||
name = "jetty-util",
|
||||
artifact = "org.eclipse.jetty:jetty-util:" + JETTY_VERS,
|
||||
sha1 = "c88807f210ab216aa831b48569ef50bd797384bc",
|
||||
sha1 = "ef61b83f9715c3b5355b633d9f01d2834f908ece",
|
||||
)
|
||||
|
||||
maven_jar(
|
||||
name = "jetty-util-ajax",
|
||||
artifact = "org.eclipse.jetty:jetty-util-ajax:" + JETTY_VERS,
|
||||
sha1 = "ebbb43912c6423bedb3458e44aee28eeb4d66f27",
|
||||
src_sha1 = "b3acea974a17493afb125a9dfbe783870ce1d2f9",
|
||||
)
|
||||
|
||||
maven_jar(
|
||||
|
||||
@@ -4,7 +4,10 @@ java_library(
|
||||
name = "servlet",
|
||||
data = ["//lib:LICENSE-Apache2.0"],
|
||||
visibility = ["//visibility:public"],
|
||||
exports = ["@jetty-servlet//jar"],
|
||||
exports = [
|
||||
":util-ajax",
|
||||
"@jetty-servlet//jar",
|
||||
],
|
||||
runtime_deps = [":security"],
|
||||
)
|
||||
|
||||
@@ -69,3 +72,9 @@ java_library(
|
||||
data = ["//lib:LICENSE-Apache2.0"],
|
||||
exports = ["@jetty-util//jar"],
|
||||
)
|
||||
|
||||
java_library(
|
||||
name = "util-ajax",
|
||||
data = ["//lib:LICENSE-Apache2.0"],
|
||||
exports = ["@jetty-util-ajax//jar"],
|
||||
)
|
||||
|
||||
Reference in New Issue
Block a user