jetty 5.1.15, 6.1.18 and 7.0.0.M2

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

jetty 5.1.15, 6.1.18 and 7.0.0.M2

Greg Wilkins


Versions of 5.1.15, 6.1.18 of jetty are now available via http://jetty.codehaus.org
Version 7.0.0.M2 of jetty is now available via http://eclipse.org/jetty

These releases complete the fix for the security vulnerability
announced wth 6.1.17, as well as many other improvements
and fixes.  Even if your configuration is not vulnerable ( not
using ResourceHandler or with the default aliases false mode),
it is recommended that you upgrade to one of these releases.

jetty-7.0.0.M2
+ JETTY-937 Work around Sun JVM bugs
+ JETTY-941 Linux chkconfig hint
+ JETTY-959 CGI servlet doesn’t kill the CGI in case the client disconnects
+ JETTY-980 Fixed ResourceHandler ? handling, and bad URI creation in listings
+ JETTY-996 Make start-stop-daemon optional
+ 273767 Update to use geronimo annotations spec 1.1.1
+ JETTY-1003 java.lang.IllegalArgumentException: timeout can’t be negative
+ JETTY-1004 CERT VU#402580 Canonical path handling includes ? in path segment
+ JETTY-1013 MySql Error with JDBCUserRealm
+ JETTY-1014 Enable start-stop-daemon by default on jetty.sh (START_STOP_DAEMON=1)
+ JETTY-1015 Reduce BayeuxClient and HttpClient lock contention
+ JETTY-1020 ZipException in org.mortbay.jetty.webapp.TagLibConfiguration prevents all contexts from being loaded
+ 275396 Added ScopedHandler to set servlet scope before security handler
+ 275396 Added Authentication.Wrapped to allow JSAPI wrapping

jetty-6.1.18 16 May 2009
+ JETTY-937 Improved work around sun JVM selector bugs
+ JETTY-1004 CERT VU#402580 Canonical path handling includes ? in path segment
+ JETTY-1008 ContinuationBayeux destroy is called
+ JETTY-1013 MySql Error with JDBCUserRealm
+ JETTY-1014 Enable start-stop-daemon by default on jetty.sh (START_STOP_DAEMON=1)
+ JETTY-1015 Reduce BayeuxClient and HttpClient lock contention
+ JETTY-1017 HttpDestination has too coarse locking
+ JETTY-1018 Denial of Service Filter
+ JETTY-1020 ZipException in org.mortbay.jetty.webapp.TagLibConfiguration prevents all contexts from being loaded
+ JETTY-1022 Removed several 1.5isms

Jetty-5.1.15 – 18 May 2009
+ JETTY-418 synchronized load class
+ JETTY-1004 CERT VU402580 Canonical path handling includes ? in path segment
+ Fixes for CERT438616-CERT237888-CERT21284

---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email