Joakim Erdfelt
2018-06-25 16:15:13 UTC
The Jetty team is happy to announce the immediate availability of a new
release for the Eclipse Jetty 9.4.x branch.
This Jetty 9.4.11 includes important CVE fixes (see upcoming email for
details) and a number of bug fixes and improvements. It is recommended that
all users upgrade as soon as they are able. A full list of changes for this
release is listed at the end of this email.
-
https://github.com/eclipse/jetty.project/releases/tag/jetty-9.4.11.v20180605
As a reminder, the âPatch for a Patchâ promotion for Jetty is still
available, so get your patches, pull requests, etc. submitted. For each
accepted patch, you are now eligible for a free Jetty embroidered patch
yourself (while supplies last). We ship worldwide!
This release available on the Eclipse Jetty project download page or from
the Maven Central repository:
- Eclipse: https://www.eclipse.org/jetty/download.html
- Maven Central: http://central.maven.org/maven2/org/eclipse/jetty/
Documentation for this release can be found on the Eclipse Jetty project
site:
- https://www.eclipse.org/jetty/documentation/
If you find any issues with this release, or if you want to suggest future
enhancements, please file an issue on the Jetty GitHub page:
- https://github.com/eclipse/jetty.project/issues/new
Commercial production and development support for Jetty is offered through
Webtide (webtide.com). Please contact us for more information or email
***@webtide.com to discuss your specific needs.
+ 1785 Support for ***@connectorname syntax of virtual hosts
+ 2346 Revert stack trace logging for HTTPChannel.onException
+ 2439 Remove HTTP/2 data copy
+ 2472 central.maven.org doesn't work with https
+ 2484 Repeated null check in MimeTypes.getDefaultMimeByExtension
+ 2496 Jetty Maven Plugin should skip execution on projects it cannot support
+ 2516 NPE at SslClientConnectionFactory.newConnection()
+ 2518 HttpClient cannot handle bad servers that report multiple 100-continue
responses in the same conversation
+ 2525 Deprecate BlockingTimeout mechanism for removal in future release
+ 2529 HttpParser CVE cleanup
+ 2532 Improve parser handing of tokens
+ 2545 Slow HTTP2 per-stream download performance
+ 2546 Incorrect parsing of PROXY protocol v2
+ 2548 Possible deadlock failing HTTP/2 stream creation
+ 2549 ConsumeAll and requestRecycle
+ 2550 Coalesce overlapping HTTP requested byte ranges
+ 2556 "file:" prefix in jetty.base variable
+ 2559 Use Configurator declared in ServerEndpointConfig over one declared in
the @ServerEndpoint annotation
+ 2560 PathResource exception handling
+ 2568 QueuedThreadPool.getBusyThreads() should take into account
ReservedThreadExecutor.getAvailable()
+ 2571 Jetty Client 9.4.x incorrectly handles too large fields from nginx 1.14
server
+ 2574 Clarify max request queued exception message
+ 2575 Work around broken OSGi implementations Bundle.getEntry()
behavior returning
with unescaped URLs
+ 2580 Stop creating unnecessary exceptions with MultiException
+ 2586 Update to asm 6.2
+ 2603 WebSocket ByteAccumulator initialized with wrong maximum
+ 2604 WebSocket ByteAccumulator should report sizes in
MessageTooLargeException
+ 2616 Trailers preventing client from processing all the data
+ 2619 QueuedThreadPool race can shrink newly created idle threads before use
Best Regards,
The Jetty Development Team
Joakim Erdfelt / ***@webtide.com
release for the Eclipse Jetty 9.4.x branch.
This Jetty 9.4.11 includes important CVE fixes (see upcoming email for
details) and a number of bug fixes and improvements. It is recommended that
all users upgrade as soon as they are able. A full list of changes for this
release is listed at the end of this email.
-
https://github.com/eclipse/jetty.project/releases/tag/jetty-9.4.11.v20180605
As a reminder, the âPatch for a Patchâ promotion for Jetty is still
available, so get your patches, pull requests, etc. submitted. For each
accepted patch, you are now eligible for a free Jetty embroidered patch
yourself (while supplies last). We ship worldwide!
This release available on the Eclipse Jetty project download page or from
the Maven Central repository:
- Eclipse: https://www.eclipse.org/jetty/download.html
- Maven Central: http://central.maven.org/maven2/org/eclipse/jetty/
Documentation for this release can be found on the Eclipse Jetty project
site:
- https://www.eclipse.org/jetty/documentation/
If you find any issues with this release, or if you want to suggest future
enhancements, please file an issue on the Jetty GitHub page:
- https://github.com/eclipse/jetty.project/issues/new
Commercial production and development support for Jetty is offered through
Webtide (webtide.com). Please contact us for more information or email
***@webtide.com to discuss your specific needs.
+ 1785 Support for ***@connectorname syntax of virtual hosts
+ 2346 Revert stack trace logging for HTTPChannel.onException
+ 2439 Remove HTTP/2 data copy
+ 2472 central.maven.org doesn't work with https
+ 2484 Repeated null check in MimeTypes.getDefaultMimeByExtension
+ 2496 Jetty Maven Plugin should skip execution on projects it cannot support
+ 2516 NPE at SslClientConnectionFactory.newConnection()
+ 2518 HttpClient cannot handle bad servers that report multiple 100-continue
responses in the same conversation
+ 2525 Deprecate BlockingTimeout mechanism for removal in future release
+ 2529 HttpParser CVE cleanup
+ 2532 Improve parser handing of tokens
+ 2545 Slow HTTP2 per-stream download performance
+ 2546 Incorrect parsing of PROXY protocol v2
+ 2548 Possible deadlock failing HTTP/2 stream creation
+ 2549 ConsumeAll and requestRecycle
+ 2550 Coalesce overlapping HTTP requested byte ranges
+ 2556 "file:" prefix in jetty.base variable
+ 2559 Use Configurator declared in ServerEndpointConfig over one declared in
the @ServerEndpoint annotation
+ 2560 PathResource exception handling
+ 2568 QueuedThreadPool.getBusyThreads() should take into account
ReservedThreadExecutor.getAvailable()
+ 2571 Jetty Client 9.4.x incorrectly handles too large fields from nginx 1.14
server
+ 2574 Clarify max request queued exception message
+ 2575 Work around broken OSGi implementations Bundle.getEntry()
behavior returning
with unescaped URLs
+ 2580 Stop creating unnecessary exceptions with MultiException
+ 2586 Update to asm 6.2
+ 2603 WebSocket ByteAccumulator initialized with wrong maximum
+ 2604 WebSocket ByteAccumulator should report sizes in
MessageTooLargeException
+ 2616 Trailers preventing client from processing all the data
+ 2619 QueuedThreadPool race can shrink newly created idle threads before use
Best Regards,
The Jetty Development Team
Joakim Erdfelt / ***@webtide.com