google / graphicsfuzz

A testing framework for automatically finding and simplifying bugs in graphics shader compilers.
Apache License 2.0
570 stars 117 forks source link

build(deps): bump jetty-server from 9.4.36.v20210114 to 9.4.38.v20210224 in /parent-all #1137

Closed dependabot[bot] closed 3 years ago

dependabot[bot] commented 3 years ago

Bumps jetty-server from 9.4.36.v20210114 to 9.4.38.v20210224.

Release notes

Sourced from jetty-server's releases.

9.4.38.v20210224

Changelog

  • #6001 - Ambiguous URI legacy compliance mode
  • #5999 - HttpURI ArrayIndexOutOfBounds
  • #5994 - QueuedThreadPool "free" threads
  • #5977 - Cache-Control header set by a filter is override by the value from DefaultServlet configuration

9.4.37.v20210219

Changelog

  • This release addresses and resolves CVE-2020-27223
  • #5979 - Configurable gzip Etag extension
  • #5977 - Cache-Control header set by a filter is override by the value from DefaultServlet configuration
  • #5976 - Adding requested Rewrite Rule to force request header values
  • #5973 - Proxy client TLS authentication example
  • #5963 - Improve QuotedQualityCSV
  • #5950 - Deadlock due to logging inside classloaders
  • #5937 - Unnecessary blocking in ResourceService
  • #5909 - Cannot disable HTTP OPTIONS Method
  • #5894 - Jetty 9.4.x 5859 classloader leak queuedthreadpool
  • #5851 - org.eclipse.jetty.websocket.servlet.WebSocketServlet cleanup
  • #5787 - Make ManagedSelector report better JMX data
  • #5492 - Add ability to manage start modules by java feature
  • #4275 - Path Normalization/Traversal - Context Matching
Commits
  • 288f3cc Updating to version 9.4.38.v20210224
  • 0603b13 Merge pull request #6005 from eclipse/jetty-9.4.x-6001-default-accept-ambiguo...
  • e68293e Addressing copy/paste mistakes
  • f9b5974 Fix #4275 separate compliance modes for ambiguous URI segments and separators
  • 49e73df Fix #4275 #6001 separate compliance modes for ambiguous URI segments and se… ...
  • c9cd1e4 Merge pull request #5995 from eclipse/jetty-9.4.x-5994-qtp_free_threads
  • 8bd4a9f Fix #5999 ArrayIndexOutOfBounds for unicode in HttpURI segment (#6000)
  • 530c14e Issue #5994 - QueuedThreadPool "free" threads
  • 16241d7 Efficiency improvements for #5977
  • fdb54fa Efficiency improvements for #5977
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/google/graphicsfuzz/network/alerts).
dependabot[bot] commented 3 years ago

Superseded by #1145.