build(deps): bump jetty-servlet from 9.4.27.v20200227 to 9.4.50.v20221201

[dependabot[bot]]

Bumps jetty-servlet from 9.4.27.v20200227 to 9.4.50.v20221201.

Release notes

Sourced from jetty-servlet's releases.

9.4.49.v20220914

End of Life Notice

• eclipse/jetty.project#7958 - Jetty 9.4.x is now at End of Community Support. (See issue for details)

Changelog

• #8578 - getRequestURL can append "null" if getRequestURI is unspecified in an authority-form request-target
• #8493 - Review HTTP client feature setRemoveIdleDestinations

Dependencies

• #8253 - Bump google-cloud-datastore to 2.9.1
• #8233 - Bump jna to 5.12.1
• #8242 - Bump mariadb-java-client to 3.0.6
• #8238 - Bump maven-enforcer-plugin to 3.1.0
• #8230 - Bump maven.version to 3.8.6
• #8246 - Bump org.eclipse.osgi to 3.18.0
• #8245 - Bump testcontainers.version to 1.17.3

9.4.48.v20220622

End of Life Notice

• eclipse/jetty.project#7958 - Jetty 9.4.x is now at End of Community Support. (See issue for details)

Critical Fix

• #8184 - All suffix globs except first fail to match if path has . character in prefix section

9.4.47.v20220610

Fixed Security Advisories

• (CVE-2022-2047) - https://github.com/eclipse/jetty.project/security/advisories/GHSA-cj7v-27pg-wf7q - Invalid URI parsing may produce invalid HttpURI.authority
• (CVE-2022-2048) - https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgmr-mf83-7x4j - Invalid HTTP/2 requests can lead to denial of service

Important

• eclipse/jetty.project#7958 - Jetty 9.4.x is now at End of Community Support. (See issue for details)

Changelog

• #8145 - RegexPathSpec backport of optional group name/info lookup if regex fails
• #8088 - Add option to configure exitVm on ShutdownMonitor from System properties
• #8067 - Wall time usage in DoSFilter RateTracker results in false positive alert
• #8014 - Review HttpRequest URI construction (Resolves CVE-2022-2047)
• #7976 - Add TRANSFER_ENCODING violation for MultiPart RFC7578 parser.
• #7947 - Improved PathSpec handling for servletName & pathInfo
• #7935 - Review HTTP/2 error handling (Resolves CVE-2022-2048)
• #7918 - PathMappings.asPathSpec does not allow root ServletPathSpec
• #7863 - Default servlet drops first accept-encoding header if there is more than one.

... (truncated)

Commits

• da9a0b3 Updating to version 9.4.50.v20221201
• f9914c8 Merge pull request #8987 from eclipse/dependabot/maven/jetty-9.4.x/org.apache...
• 13319cb Merge pull request #8989 from eclipse/dependabot/maven/jetty-9.4.x/org.spring...
• 5617585 Bump spring-beans from 5.3.23 to 5.3.24
• d16613b Bump maven-dependency-plugin from 3.3.0 to 3.4.0
• 20facec Merge pull request #8961 from eclipse/dependabot/maven/jetty-9.4.x/com.github...
• f7acd13 Merge pull request #8971 from eclipse/fix/jetty-9.4.x/dependabot-rollup-nov28
• c70016d Merge pull request #8951 from eclipse/dependabot/maven/jetty-9.4.x/org.infini...
• 2e9c715 Merge pull request #8949 from eclipse/dependabot/maven/jetty-9.4.x/testcontai...
• bc48eb2 Merge remote-tracking branch 'origin/dependabot/maven/jetty-9.4.x/org.apache....
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

> **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days.