We're updating the issue view to help you get more done. 

Update Jetty to 9.2.x version

Description

http://www.eclipse.org/jetty

9.2 has some API changes, so it's not a trivial task.

Environment

None

Acceptance Test - Entry

None

Activity

Show:
Neustradamus
February 7, 2015, 5:05 PM

Thanks Tom
But it will not be in 3.10.0?

wroot
February 19, 2015, 7:32 PM

I think Dele is asking to revert this patch because of some issues in OfMeet and plugins. But i have one more question. If this is intended for 3.10.1, then how can it be isolated in the build system, so we can test new fixes for 3.10.0 branch? Now all new builds contain everything (Jetty 9.2 an new fixes).

Tom Evans
February 19, 2015, 9:51 PM

I am pretty sure that Dele's request was related to (which has been fixed). I will mark this for 3.10.0 since it has been merged into the main branch.

Guus der Kinderen
February 25, 2015, 8:33 AM
Edited

This morning, I noticed this announcement on the Jetty-Users maillinglist:

The Jetty Project is announcing a critical security release of Jetty

Jetty 9.2.9.v20150224

This release is considered a critical security release for all
users of Jetty 9.2.3 through 9.2.8.

The full message is here: http://dev.eclipse.org/mhonarc/lists/jetty-users/msg05594.html

I am re-opening this issue, as the fix-version has not been released yet (and I feel we should prevent it from being released without addressing this vulnerability). I'll have a stab at updating the libraries later today.

Guus der Kinderen
February 25, 2015, 10:33 AM
Edited

Checked in the update for Openfire.

I'm noticing that the connenction-manager project lags behind considerably. It currently is based on Jetty 7.0.1. I'm tackling this now. In hindsight, this is more work, as other changes that were applied to Openfire need to be applied to CM as well. Lets tackle this as a separate issue.

Fixed

Assignee

Guus der Kinderen

Reporter

wroot

Labels

Expected Effort

None

Ignite Forum URL

None

Components

Fix versions

Affects versions

Priority

Minor
Configure