Uploaded image for project: 'JOC - JobScheduler Operations Center'
  1. JOC - JobScheduler Operations Center
  2. JOC-1658

Upgrade Jetty 11.0.15 to 11.0.17 due to vulnerability CVE-2023-44487

    XMLWordPrintable

Details

    • Fix
    • Status: Released (View Workflow)
    • Minor
    • Resolution: Fixed
    • 2.5.5, 2.6.2
    • 2.5.6, 2.6.3
    • None
    • None
    • CVE-2023-44487

    Description

      Current Situation

      Impact

      • We rate the impact to our software being low as JS7 JOC ships with Jetty and the default usage of HTTP/1.
      • Customers using HTTP/2 need to configure this on their own and therefore have to take appropriate measures themselves.

      Desired Behavior

      Attachments

        Issue Links

          Activity

            People

              sp Santiago Aucejo Petzoldt
              sp Santiago Aucejo Petzoldt
              Pramokshi Narawariya Pramokshi Narawariya
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: