Update Jetty to 9.4.53.v20231009 for security updates

Jetty 9.4.53.v20231009 includes the following two security fixes: - CVE-2023-36478 [1] - zero-days security issue discovered on the 10th of October, also known as "HTTP/2 Rapid Reset" - CVE-2023-44487 [2] - HTTP/2 Stream Cancellation Attack [1] https://nvd.nist.gov/vuln/detail/CVE-2023-36478 [2] https://nvd.nist.gov/vuln/detail/CVE-2023-44487 Release-Notes: Update Jetty to 9.4.53.v20231009 with critical security fixes Change-Id: Ie93fbcb8b35d9e4997dc0578893a8856b56b173c
author: Luca Milanesio <luca.milanesio@gmail.com> 2023-10-12 23:48:24 +0100
committer: Luca Milanesio <luca.milanesio@gmail.com> 2023-10-12 23:48:24 +0100
commit: c49057e05d35ff2ad1a7307aa9168b84ae7588db (patch)
tree: b4fa2c4f734c4684bcd3a902145f19bb3609de42
parent: f80327c97941c90fe83467d525d3f4b5944c4e9d (diff)
1 files changed, 10 insertions, 10 deletions
diff --git a/tools/deps.bzl b/tools/deps.bzl
index d76e5e2e80..6dd2eaf4de 100644
--- a/tools/deps.bzl
+++ b/tools/deps.bzl
@@ -19,7 +19,7 @@ GITILES_REPO = GERRIT
 # When updating Bouncy Castle, also update it in bazlets.
 BC_VERS = "1.72"
 HTTPCOMP_VERS = "4.5.2"
-JETTY_VERS = "9.4.36.v20210114"
+JETTY_VERS = "9.4.53.v20231009"
 BYTE_BUDDY_VERSION = "1.10.7"
 
 def java_dependencies():
@@ -607,50 +607,50 @@ def java_dependencies():
     maven_jar(
         name = "jetty-servlet",
         artifact = "org.eclipse.jetty:jetty-servlet:" + JETTY_VERS,
-        sha1 = "b189e52a5ee55ae172e4e99e29c5c314f5daf4b9",
+        sha1 = "6670d6a54cdcaedd8090e8cf420fd5dd7d08e859",
     )
 
     maven_jar(
         name = "jetty-security",
         artifact = "org.eclipse.jetty:jetty-security:" + JETTY_VERS,
-        sha1 = "42030d6ed7dfc0f75818cde0adcf738efc477574",
+        sha1 = "6fbc8ebe9046954dc2f51d4ba69c8f8344b05f7f",
     )
 
     maven_jar(
         name = "jetty-server",
         artifact = "org.eclipse.jetty:jetty-server:" + JETTY_VERS,
-        sha1 = "88a7d342974aadca658e7386e8d0fcc5c0788f41",
+        sha1 = "8b0e761a0b359db59dae77c00b4213b0586cb994",
     )
 
     maven_jar(
         name = "jetty-jmx",
         artifact = "org.eclipse.jetty:jetty-jmx:" + JETTY_VERS,
-        sha1 = "bb3847eabe085832aeaedd30e872b40931632e54",
+        sha1 = "f0392f756b59f65ea7d6be41bf7a2f7b2c7c98d5",
     )
 
     maven_jar(
         name = "jetty-http",
         artifact = "org.eclipse.jetty:jetty-http:" + JETTY_VERS,
-        sha1 = "1eee89a55e04ff94df0f85d95200fc48acb43d86",
+        sha1 = "87faf21eb322753f0527bcb88c43e67044786369",
     )
 
     maven_jar(
         name = "jetty-io",
         artifact = "org.eclipse.jetty:jetty-io:" + JETTY_VERS,
-        sha1 = "84a8faf9031eb45a5a2ddb7681e22c483d81ab3a",
+        sha1 = "70cf7649b27c964ad29bfddf58f3bfe0d30346cf",
     )
 
     maven_jar(
         name = "jetty-util",
         artifact = "org.eclipse.jetty:jetty-util:" + JETTY_VERS,
-        sha1 = "925257fbcca6b501a25252c7447dbedb021f7404",
+        sha1 = "f72bb4f687b4454052c6f06528ba9910714df947",
     )
 
     maven_jar(
         name = "jetty-util-ajax",
         artifact = "org.eclipse.jetty:jetty-util-ajax:" + JETTY_VERS,
-        sha1 = "2f478130c21787073facb64d7242e06f94980c60",
-        src_sha1 = "7153d7ca38878d971fd90992c303bb7719ba7a21",
+        sha1 = "4d20f6206eb7747293697c5f64c2dc5bf4bd54a4",
+        src_sha1 = "1aed8017c3c8a449323901639de6b4eb3b1f02ea",
     )
 
     maven_jar(
author	Luca Milanesio <luca.milanesio@gmail.com>	2023-10-12 23:48:24 +0100
committer	Luca Milanesio <luca.milanesio@gmail.com>	2023-10-12 23:48:24 +0100
commit	c49057e05d35ff2ad1a7307aa9168b84ae7588db (patch)
tree	b4fa2c4f734c4684bcd3a902145f19bb3609de42
parent	f80327c97941c90fe83467d525d3f4b5944c4e9d (diff)