Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-dev] Jetty Version having fix for Denial of Service (https://bugzilla.redhat.com/show_bug.cgi?id=781677)

Prakash,

Jetty-5 is no longer a supported/developed release.  There are fixes available for jetty 6, 7 and 8.  You can also protect against this attack by reducing the maximum form content size to < 4k.
Note that as an open source project, you can modify the source of jetty-5  and build your own version.   We just do not have the resources available to do an official release of such an old version.
regards


On 28 March 2012 03:13, prakash mallick <pcmallick@xxxxxxxxx> wrote:
Hi All, 
        We are using Jetty version Jetty-5.1.14 binary, can anybody please tell me if we can have an immediate  version w.r.t 5.1.14 having fix for https://bugzilla.redhat.com/show_bug.cgi?id=781677

Thanks and Regards,
Prakash

_______________________________________________
jetty-dev mailing list
jetty-dev@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/jetty-dev


Back to the top