Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[jetty-dev] Jetty 9.2.25 Release!

The Jetty team is happy to announce the immediate availability of a new release for the Eclipse Jetty 9.2.x branch.
 
This Jetty 9.2.25 includes important CVE fixes (see upcoming email for details) and a small number of bug fixes and improvements. It is recommended that all users upgrade as soon as they are able. A full list of changes for this release is listed at the end of this email.

As a reminder, the “Patch for a Patch” promotion for Jetty is still available, so get your patches, pull requests, etc. submitted.  For each accepted patch, you are now eligible for a free Jetty embroidered patch yourself (while supplies last). We ship worldwide!
 
This release available on the Eclipse Jetty project download page or from the Maven Central repository:
 
Documentation for this release can be found on the Eclipse Jetty project site:
 
If you find any issues with this release, or if you want to suggest future enhancements, please file an issue on the Jetty GitHub page:

Commercial production and development support for Jetty is offered through Webtide (webtide.com). Please contact us for more information or email jesse@xxxxxxxxxxx to discuss your specific needs.

 + 2114 Fix NPE in JettyHttpServerProvider
 + 2135 Android 8.1 needs direct buffers for SSL/TLS to work
 + 2529 HttpParser CVE cleanup
 + 2603 WebSocket ByteAccumulator initialized with wrong maximum
 + 2604 WebSocket ByteAccumulator should report sizes in
   MessageTooLargeException
 
Best Regards,
The Jetty Development Team

Joakim Erdfelt / joakim@xxxxxxxxxxx

Back to the top