Jetty 9.3.2.v20150730 發布,ConcatServlet 安全更新

npde 9年前發布 | 5K 次閱讀 Jetty

Jetty 9.3.2.v20150730 發布,此版本是 Jetty 9.3.x 的維護版本,強烈建議使用 ConcatServlet 的用戶升級。

值得關注的更新:

  • [Security] ConcatServlet resource exposure

    </li>

  • [Fix] SNI wildcard certificate matching

    </li>

  • [Fix] Thread starvation in selector wakeup

    </li>

  • [Fix] GzipHandler include/exclude logic (for mime types and paths)

    </li>

  • [Improvement] Redirect Rules support optional status code

    </li>

  • [Improvement] New Rewrite Terminating Rules

    </li> </ul>

    Jetty 9.3 新特性:

    • Introducing HTTP/2 (rfc7540) server & client support!

      </li>

    • Overhauled scheduler - https://webtide.com/eat-what-you-kill/

      </li>

    • Supporting SNI (Server Name Indications) during TLS/SSL negotiation

      </li>

    • Java 8 minimum requirement

      </li> </ul>

      下載:

      • http://download.eclipse.org/jetty/

        </li>

      • http://central.maven.org/   

        </li> </ul>

        更新日志:

        jetty-9.3.2.v20150730 - 30 July 2015

        ?+ 470351 Fixed SNI matching of wildcard certificates

        ?+ 470727 Thread Starvation of selector wakeups.

        ?+ 472601?org.eclipse.jetty.util.log.Log.setLog() does not work as before

        ?+ 472621 Unjustified timeout when serving static content

        ?+ 472781 GzipHandler isMimeTypeGzipable() bad logic

        ?+ 472859 ConcatServlet may expose protected resources.

        ?+ 472931 HttpConfiguration copy constructor incomplete

        ?+ 472974 Improved StatisticsHandler 503 generation

        ?+ 473006 Encode addPath in URLResource

        ?+ 473118 HTTP/2 server does not retrieve Host header from client.

        ?+ 473243 Delay resource close for async default content

        ?+ 473266 Better handling of MultiException

        ?+ 473294 Fixed include cipher suites support for wildcards

        ?+ 473307 Add 301 Moved Permanently Rules to jetty-rewrite

        ?+ 473309 Add special (non-replacement) Terminating rules to jetty-rewrite

        ?+ 473319 Parameterize status code on Redirect Rules for alternate use

        ?+ 473321 Overriding SSL context KeyStoreType requires explicit override of

        ? ?TrustStoreType

        ?+ 473322 GatherWrite limit handling

        ?+ 473624 ProxyServlet.Transparent / TransparentDelegate add trailing slash

        ? ?before query when using prefix.

        ?+ 473832 SslConnection flips back buffers on handshake exception


        更多內容請看發行說明

        來自:http://www.oschina.net/news/64836/jetty-9-3-2-20150730

         本文由用戶 npde 自行上傳分享,僅供網友學習交流。所有權歸原作者,若您的權利被侵害,請聯系管理員。
         轉載本站原創文章,請注明出處,并保留原始鏈接、圖片水印。
         本站是一個以用戶分享為主的開源技術平臺,歡迎各類分享!
          本文地址:http://www.baiduhome.net/news/view/e5c70e