Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Modification for-> There is a vulnerability in Jetty: Java based HTTP… #1228

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Modification for-> There is a vulnerability in Jetty: Java based HTTP… #1228

wants to merge 2 commits into from

Conversation

rai31218
Copy link

Modified the version as mentioned in the issue --> There is a vulnerability in Jetty: Java based HTTP/1.x, HTTP/2, Servlet, WebSocket Server 9.4.8.v20171121,upgrade recommended #948

Modification for-> There is a vulnerability in Jetty: Java based HTTP…
c0ff93f 
…/1.x, HTTP/2, Servlet, WebSocket Server 9.4.8.v20171121,upgrade recommended dtinit#948
@google-cla
Copy link

google-cla bot commented Apr 12, 2023

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

@rai31218
Copy link
Author

I have signed the CLA.. will this PR get merged now ?

@rai31218 rai31218 marked this pull request as draft April 12, 2023 20:40
@rai31218 rai31218 marked this pull request as ready for review April 12, 2023 20:41
@CLAassistant
Copy link

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.

rai31218 seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account.
You have signed the CLA already but the status is still pending? Let us recheck it.

@lisad
Copy link
Member

lisad commented Oct 28, 2024

Hi @rai31218 ,
I apologize for the delay on this. We moved the repository over to a non-profit owner, the Data Transfer Initiative, and we're now slowly going through a backlog of PRs and issues. Part of moving the repository was changing the license/CLA for the project. Can you sign the new one?

FYI, even with this signed, the PR approved and merged, we will still not be able to close issue #1086 because fully addressing the jetty security vulnerabilities requires upgrading to 9.3.39 or later (this PR upgrades jetty to 9.3.35)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@rai31218 @CLAassistant @lisad