From 612396cba2e48029d42bcc38d5355dfcbce09dd8 Mon Sep 17 00:00:00 2001 From: Valera V Harseko Date: Thu, 17 Oct 2024 18:39:32 +0300 Subject: [PATCH] CVE-2024-8184 Eclipse Jetty's ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks --- OpenICF-groovy-connector/pom.xml | 3 ++- .../connector-server-jetty/pom.xml | 6 ++---- pom.xml | 18 ++++++++++++++++++ 3 files changed, 22 insertions(+), 5 deletions(-) diff --git a/OpenICF-groovy-connector/pom.xml b/OpenICF-groovy-connector/pom.xml index 88e2ee63..f0e41062 100644 --- a/OpenICF-groovy-connector/pom.xml +++ b/OpenICF-groovy-connector/pom.xml @@ -21,6 +21,8 @@ with the fields enclosed by brackets [] replaced by your own identifying information: "Portions Copyrighted [year] [name of copyright owner]" + + Portions Copyrighted 2018-2024 3A Systems, LLC --> 4.0.0 @@ -187,7 +189,6 @@ org.eclipse.jetty jetty-server - 9.4.51.v20230217 test diff --git a/OpenICF-java-framework/connector-server-jetty/pom.xml b/OpenICF-java-framework/connector-server-jetty/pom.xml index d9472c20..e8e42705 100644 --- a/OpenICF-java-framework/connector-server-jetty/pom.xml +++ b/OpenICF-java-framework/connector-server-jetty/pom.xml @@ -21,6 +21,8 @@ with the fields enclosed by brackets [] replaced by your own identifying information: "Portions Copyrighted [year] [name of copyright owner]" + + Portions Copyrighted 2018-2024 3A Systems, LLC --> @@ -38,7 +40,6 @@ - 9.4.55.v20240627 UTF-8 @@ -51,7 +52,6 @@ org.eclipse.jetty.websocket websocket-server - ${jetty.version} provided @@ -100,13 +100,11 @@ org.eclipse.jetty jetty-servlet - ${jetty.version} test org.eclipse.jetty jetty-server - ${jetty.version} test diff --git a/pom.xml b/pom.xml index 19e7d40f..f504a3ef 100644 --- a/pom.xml +++ b/pom.xml @@ -305,6 +305,24 @@ 1.2.0 test + + org.eclipse.jetty + jetty-servlet + 9.4.56.v20240826 + test + + + org.eclipse.jetty + jetty-server + 9.4.56.v20240826 + test + + + org.eclipse.jetty.websocket + websocket-server + 9.4.56.v20240826 + provided +