Jetty release 6.1.7 is now available via
http://jetty.mortbay.orgThis release fixes a high priority security vulnerability (introduced in 6.1.5rc1).
It is highly recommended that all users of jetty 6.1.x upgrade to 6.1.7.
The vulnerability allows static content within WEB-INF and behind security
constraints to be viewed.
http://docs.codehaus.org/display/JETTY/Jetty+Securityjetty-6.1.7 - 22 December 2007
+ Added BayeuxService
+ Added JSON.Convertor and non static JSON instances
+ Add "mvn jetty:stop"
+ allow sessions to be periodically persisted to disk
+ Cookie support in BayeuxClient
+ grizzly fixed for posts
+ jetty-6.1 branch created from 6.1.6 and r593 of jetty-contrib trunk
+ Optimizations and improvements of Cometd, more pooled objects
+ Update java5 patch
+ JETTY-386 backout fix and replaced with ContextHandler.setCompactPath(boolean)
+ JETTY-467 allow URL rewriting to be disabled.
+ JETTY-468 unique holder names for addServletWithMapping
+ JETTY-474 Fixed case sensitivity issue with HttpFields
+ JETTY-486 Improved jetty.sh script
+ JETTY-487 Handle empty chunked request
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/_______________________________________________
Jetty-announce mailing list
Jetty-announce@...
https://lists.sourceforge.net/lists/listinfo/jetty-announce
