Releases: jetty/jetty.project
Releases · jetty/jetty.project
9.3.30.v20211001
9.4.44.v20210927
Changelog
- #6883 - Welcome file redirects do not honor the relativeRedirectAllowed option
- #6870 - Encode control characters in URIUtil.encodePath
- #6869 - Correct Content-Type within HTML error pages
- #6860 - IPv6 format
- #6652 - Improve ReservedThreadExecutor dump
- #6618 - ID token
azp
claim should not be required ifaud
is single value array - #6617 - Add basic auth support for OpenId token endpoint (client_secret_basic)
- #6603 - HTTP/2 max local stream count exceeded
- #6562 - HttpOutput.write(ByteBuffer buffer)
- #6558 - Allow to configure return type in JSON array parsing
- #6554 - Allow creation of DefaultIdentityService without realmName.
- #6553 - Review usage of Authentication.UNAUTHENTICATED in SecurityHandler
- #6535 - Non blocking ReservedThreadExecutor
- #6520 - Error page has HTML error when writePoweredBy is enabled.
- #6487 - Expose ServletHolder getter in ServletHandler$ChainEnd for auditing libraries to use
Updated Dependencies
- #6922 - Bump hawtio-default from 2.13.5 to 2.14.0
- #6919 - Bump jamon.version from 2.81 to 2.82
- #6906 - Bump google-cloud-datastore from 2.1.0 to 2.1.2
- #6903 - Bump grpc-core from 1.40.1 to 1.41.0
- #6865 - Bump jnr-unixsocket from 0.38.10 to 0.38.11
- #6858 - Bump guice from 4.2.2 to 5.0.1
- #6857 - Bump org.eclipse.osgi.services from 3.10.100 to 3.10.200
- #6847 - Bump org.eclipse.osgi.util from 3.6.0 to 3.6.100
- #6841 - Bump org.eclipse.osgi from 3.16.300 to 3.17.0
- #6816 - Bump mariadb-java-client from 2.7.0 to 2.7.4
- #6786 - Bump org.eclipse.osgi from 3.16.0 to 3.16.300
- #6772 - Update to asm 9.2
- #6746 - Bump hazelcast.version from 3.12.10 to 3.12.12
- #6739 - Bump jmh.version from 1.26 to 1.33
- #6671 - Update to apache jsp 8.5.70
9.4.43.v20210629
11.0.6
Changelog
- This release resolves CVE-2021-34429
- #6473 - Improve alias checking in PathResource
- #6468 - Revert logic in Request.setMetaData & clear emptySegment on HttpUri.clear()
- #6464 - Wrong files/lib definitions in certain *-capture.mod files?
- #6447 - Deprecate support for UTF16 encoding in URIs
- #6426 - Update to spifly 1.3.3
- #6425 - Update to asm 9.1
- #6418 - Bad and/or missing Require-Capability for osgi.serviceloader
- #6410 - Ensure Jetty IO uses SocketAddress instead of InetSocketAddress
- #6407 - Malformed scheme logical expression check in WebSocket ClientUpgradeRequest
- #6394 - Review osgi manifests within Jetty 11
- #6376 - Cleanups for SslClientCertAuthenticator.
- #6375 - Always check XML
Set
elements withproperty
attribute - #6353 - Rename EWYK The AdaptiveExecutionStrategy
10.0.6
Changelog
- This release resolves CVE-2021-34429
- #6473 - Improve alias checking in PathResource
- #6468 - Revert logic in Request.setMetaData & clear emptySegment on HttpUri.clear()
- #6464 - Wrong files/lib definitions in certain *-capture.mod files?
- #6447 - Deprecate support for UTF16 encoding in URIs
- #6426 - Update to spifly 1.3.3
- #6425 - Update to asm 9.1
- #6418 - Bad and/or missing Require-Capability for osgi.serviceloader
- #6410 - Ensure Jetty IO uses SocketAddress instead of InetSocketAddress
- #6407 - Malformed scheme logical expression check in WebSocket ClientUpgradeRequest
- #6394 - Review osgi manifests within Jetty 10
- #6376 - Cleanups for SslClientCertAuthenticator.
- #6375 - Always check XML
Set
elements withproperty
attribute - #6353 - Rename EWYK The AdaptiveExecutionStrategy
11.0.5
Changelog
- #6392 - Review accidental xml config changes
- #6379 - Reduce contention in all
ByteBufferPool
implementations - #6354 - org.slfj dependency imports packages at 2.0
- #6329 - Regression on graceful shutdown default in Jetty 10
- #6302 - Treat empty path segments are ambiguous.
- #4772 - Jetty WebSocket API onMessage annotation does not support partial messages.
10.0.5
Changelog
- #6392 - Review accidental xml config changes
- #6379 - Reduce contention in all
ByteBufferPool
implementations - #6354 - org.slfj dependency imports packages at 2.0
- #6329 - Regression on graceful shutdown default in Jetty 10
- #6302 - Treat empty path segments are ambiguous.
- #4772 - Jetty WebSocket API onMessage annotation does not support partial messages.
9.4.42.v20210604
Changelog
- #6342 - Explain EatWhatYouKill naming
- #6330 - CustomRequestLog is missing HTTP version format option
- #6323 - HttpClient gets stuck/never calls onComplete() when multiple requests with timeouts are sent
- #6308 - Ensure buffers are returned to pool by MessageInputStream
- #6287 - Class loading broken for WebSocketClient used inside webapp
- #6285 - HTTP2 client: IllegalStateException: Cannot release an already released entry
- #6276 - Support non-standard domains in SNI and X509
- #6268 - Warnings about "unable to parse form content" are not helpful for troubleshooting
- #6118 - Display a warning when Hazelcast configuration does not contain Jetty session serializer
- #5931 - SslConnection should implement getBytesIn()/getBytesOut()
11.0.4
Special Thanks to the following Eclipse Jetty community members
- @tjwatson (Thomas Watson)
Changelog
- #6354 - org.slfj dependency imports packages at 2.0 (@tjwatson)
- #6347 - session-store-gcloud module broken logging dependency
- #6330 - CustomRequestLog is missing HTTP version format option
- #6305 - Optimise
ContextHandler.isProtectedTarget
- #6285 - HTTP2 client: IllegalStateException: Cannot release an already released entry
- #6276 - Support non-standard domains in SNI and X509
- #6268 - Warnings about "unable to parse form content" are not helpful for troubleshooting
- #6118 - Display a warning when Hazelcast configuration does not contain Jetty session serializer
- #6114 - Jetty Deploy scan / symlink behavior is broken
- #6112 - Jetty logging service file leaking to web applications
10.0.4
Special Thanks to the following Eclipse Jetty community members
- @tjwatson (Thomas Watson)
Changelog
- #6354 - org.slfj dependency imports packages at 2.0 (@tjwatson)
- #6347 - session-store-gcloud module broken logging dependency
- #6330 - CustomRequestLog is missing HTTP version format option
- #6305 - Optimise
ContextHandler.isProtectedTarget
- #6285 - HTTP2 client: IllegalStateException: Cannot release an already released entry
- #6276 - Support non-standard domains in SNI and X509
- #6268 - Warnings about "unable to parse form content" are not helpful for troubleshooting
- #6118 - Display a warning when Hazelcast configuration does not contain Jetty session serializer
- #6114 - Jetty Deploy scan / symlink behavior is broken
- #6112 - Jetty logging service file leaking to web applications