]
Nick Boldt resolved JBIDE-24648.
--------------------------------
Resolution: Done
update target platform to include jetty 9.4.6 (CVE issue)
---------------------------------------------------------
Key: JBIDE-24648
URL:
https://issues.jboss.org/browse/JBIDE-24648
Project: Tools (JBoss Tools)
Issue Type: Bug
Components: target-platform, upstream
Reporter: Nick Boldt
Assignee: Nick Boldt
Fix For: 4.5.0.Final
Fedora and RHEL have updated to Jetty 9.4.6 due to this CVE:
*
https://bugzilla.redhat.com/show_bug.cgi?id=1464158
Currently, JBT/devstudio target platform includes Jetty 9.4.5, as that's what was in
Oxygen.0.RC4.
But we could move to a newer version if we want to have the same version in linux and in
windows/OSX versions of JBT/devstudio.
Affected manifest files (which require jetty bundles from *[9.4.0,9.5.0)*)
* [1]
./jbosstools-aerogear/cordovasim/plugins/org.jboss.tools.cordovasim.eclipse/META-INF/MANIFEST.MF
* [2]
./jbosstools-aerogear/cordovasim/plugins/org.jboss.tools.cordovasim/META-INF/MANIFEST.MF
* [3]
./jbosstools-aerogear/cordovasim/tests/org.jboss.tools.cordovasim.eclipse.test/META-INF/MANIFEST.MF
* [4]
./jbosstools-base/foundation/tests/org.jboss.tools.foundation.core.test/META-INF/MANIFEST.MF
* [5] ./jbosstools-browsersim/plugins/org.jboss.tools.browsersim.ui/META-INF/MANIFEST.MF
* [6]
./jbosstools-central/central/tests/org.jboss.tools.central.test/META-INF/MANIFEST.MF
* [7]
./jbosstools-livereload/plugins/org.jboss.tools.livereload.core/META-INF/MANIFEST.MF
* [8] ./jbosstools-livereload/tests/org.jboss.tools.livereload.test/META-INF/MANIFEST.MF
* [9] ./jbosstools-server/jmx/tests/org.jboss.tools.jmx.jolokia.test/META-INF/MANIFEST.MF