Upgrade jetty dependencies to address CVE-2024-8184

Upgrade the jetty dependencies to address CVE-2024-8184 If implemented this will: Upgrade all jetty dependencies to version 9.4.56.v20240826
prestodb · Jan 8, 2025 · b1b842c · b1b842c
1 parent 03733ed
commit b1b842c
Showing 1 changed file with 9 additions and 0 deletions.
diff --git a/pom.xml b/pom.xml
@@ -85,6 +85,7 @@
         <dep.protobuf-java.version>3.25.5</dep.protobuf-java.version>
         <dep.netty.version>4.1.115.Final</dep.netty.version>
         <dep.snakeyaml.version>2.0</dep.snakeyaml.version>
+        <dep.jetty.version>9.4.56.v20240826</dep.jetty.version>
 
         <!--
           America/Bahia_Banderas has:
@@ -209,6 +210,14 @@
 
     <dependencyManagement>
         <dependencies>
+            <dependency>
+                <groupId>org.eclipse.jetty</groupId>
+                <artifactId>jetty-bom</artifactId>
+                <version>${dep.jetty.version}</version>
+                <type>pom</type>
+                <scope>import</scope>
+            </dependency>
+
             <dependency>
                 <groupId>io.netty</groupId>
                 <artifactId>netty-bom</artifactId>