Bump org.eclipse.jetty:jetty-maven-plugin from 9.4.52.v20230823 to 9.4.53.v20231009 #13212

dependabot · 2023-10-16T07:19:03Z

Bumps org.eclipse.jetty:jetty-maven-plugin from 9.4.52.v20230823 to 9.4.53.v20231009.

Release notes

Sourced from org.eclipse.jetty:jetty-maven-plugin's releases.

9.4.53.v20231009

Security Updates

This release addresses:

CVE-2023-44487

CVE-2023-36478

Sponsored Release

This is a release of the End of Community Support Jetty 9.x series that was sponsored by a support contract from Webtide.com

Changelog

#10679 - backport HTTP/2 rate control from Jetty 10.0.x

#10573 - backport hpack improvements from Jetty 10.0.x

#10546 - backport jetty-http Huffman encoders/decoders from Jetty 10.0.x

Commits

27bde00 Updating to version 9.4.53.v20231009
2a512c2 Merge pull request #10680 from eclipse/fix/jetty-9.4-10679-review-http2-rate-...
0f246d1 Fixes #10679 - Review HTTP/2 rate control.
2691ad0 Merge pull request #10645 from eclipse/dependabot/maven/jetty-9.4.x/commons-i...
b7c040a Merge pull request #10643 from eclipse/dependabot/maven/jetty-9.4.x/asm.versi...
e83c61f Bump commons-io:commons-io from 2.13.0 to 2.14.0
52f117d Bump asm.version from 9.5 to 9.6
3ea8e97 Merge pull request #10602 from eclipse/fix/9.4.x/dependency-rollup-sept-2023
0bd07f9 Revert "Bump org.infinispan.protostream:protostream"
3249711 Merge remote-tracking branch 'origin/dependabot/maven/jetty-9.4.x/exam.versio...
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [org.eclipse.jetty:jetty-maven-plugin](https://github.com/eclipse/jetty.project) from 9.4.52.v20230823 to 9.4.53.v20231009. - [Release notes](https://github.com/eclipse/jetty.project/releases) - [Commits](jetty/jetty.project@jetty-9.4.52.v20230823...jetty-9.4.53.v20231009) --- updated-dependencies: - dependency-name: org.eclipse.jetty:jetty-maven-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>