[jetty-dev] jetty 5.1.15, 6.1.18 and 7.0.0.M2

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

[jetty-dev] jetty 5.1.15, 6.1.18 and 7.0.0.M2

From: Greg Wilkins <gregw@xxxxxxxxxxx>
Date: Thu, 21 May 2009 23:02:24 +1000
Delivered-to: jetty-dev@xxxxxxxxxxx
List-archive: <https://dev.eclipse.org/mailman/private/jetty-dev>
List-help: <mailto:jetty-dev-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/jetty-dev>, <mailto:jetty-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/listinfo/jetty-dev>, <mailto:jetty-dev-request@eclipse.org?subject=unsubscribe>
User-agent: Thunderbird 2.0.0.21 (X11/20090409)


Versions of 5.1.15, 6.1.18 of jetty are now available via http://jetty.codehaus.org
Version 7.0.0.M2 of jetty is now available via http://eclipse.org/jetty

These releases complete the fix for the security vulnerability
announced wth 6.1.17, as well as many other improvements
and fixes.  Even if your configuration is not vulnerable ( not
using ResourceHandler or with the default aliases false mode),
it is recommended that you upgrade to one of these releases.

jetty-7.0.0.M2
+ JETTY-937 Work around Sun JVM bugs
+ JETTY-941 Linux chkconfig hint
+ JETTY-959 CGI servlet doesn’t kill the CGI in case the client disconnects
+ JETTY-980 Fixed ResourceHandler ? handling, and bad URI creation in listings
+ JETTY-996 Make start-stop-daemon optional
+ 273767 Update to use geronimo annotations spec 1.1.1
+ JETTY-1003 java.lang.IllegalArgumentException: timeout can’t be negative
+ JETTY-1004 CERT VU#402580 Canonical path handling includes ? in path segment
+ JETTY-1013 MySql Error with JDBCUserRealm
+ JETTY-1014 Enable start-stop-daemon by default on jetty.sh (START_STOP_DAEMON=1)
+ JETTY-1015 Reduce BayeuxClient and HttpClient lock contention
+ JETTY-1020 ZipException in org.mortbay.jetty.webapp.TagLibConfiguration prevents all contexts from being loaded
+ 275396 Added ScopedHandler to set servlet scope before security handler
+ 275396 Added Authentication.Wrapped to allow JSAPI wrapping

jetty-6.1.18 16 May 2009
+ JETTY-937 Improved work around sun JVM selector bugs
+ JETTY-1004 CERT VU#402580 Canonical path handling includes ? in path segment
+ JETTY-1008 ContinuationBayeux destroy is called
+ JETTY-1013 MySql Error with JDBCUserRealm
+ JETTY-1014 Enable start-stop-daemon by default on jetty.sh (START_STOP_DAEMON=1)
+ JETTY-1015 Reduce BayeuxClient and HttpClient lock contention
+ JETTY-1017 HttpDestination has too coarse locking
+ JETTY-1018 Denial of Service Filter
+ JETTY-1020 ZipException in org.mortbay.jetty.webapp.TagLibConfiguration prevents all contexts from being loaded
+ JETTY-1022 Removed several 1.5isms

Jetty-5.1.15 – 18 May 2009
+ JETTY-418 synchronized load class
+ JETTY-1004 CERT VU402580 Canonical path handling includes ? in path segment
+ Fixes for CERT438616-CERT237888-CERT21284

Prev by Date: Re: [jetty-dev] How to host files greater than 2GB. ?
Next by Date: [jetty-dev] How do I set a ServletContext attribute ?
Previous by thread: [jetty-dev] bugzilla issue notification
Next by thread: [jetty-dev] How do I set a ServletContext attribute ?
Index(es):
- Date
- Thread

Breadcrumbs