Bump jetty-version from 9.4.34.v20201102 to 9.4.39.v20210325

[dependabot]

Bumps jetty-version from 9.4.34.v20201102 to 9.4.39.v20210325.
Updates jetty-util from 9.4.34.v20201102 to 9.4.39.v20210325

Release notes

Sourced from jetty-util's releases.

9.4.39.v20210325

Changelog

• #6034 SslContextFactory may select a wildcard certificate during SNI selection when a more specific SSL certificate is present
• #6050 Websocket: NotUtf8Exception after upgrade 9.4.35 -> 9.4.36 or newer
• #6052 Cleanup TypeUtil and ModuleLocation to allow jetty-client/hybrid to work on Android
• #6063 Allow override of hazelcast version when using module
• #6072 jetty server high CPU when client send data length > 17408
• #6085 Jetty keeps Sessions in use after "Duplicate valid session cookies" Message
• #6101 Normalise ambiguous URIs
• #6102 Exclude webapps directory from deployment scan

9.4.38.v20210224

Changelog

• #6001 - Ambiguous URI legacy compliance mode
• #5999 - HttpURI ArrayIndexOutOfBounds
• #5994 - QueuedThreadPool "free" threads
• #5977 - Cache-Control header set by a filter is override by the value from DefaultServlet configuration

9.4.37.v20210219

Changelog

• This release addresses and resolves CVE-2020-27223
• #5979 - Configurable gzip Etag extension
• #5977 - Cache-Control header set by a filter is override by the value from DefaultServlet configuration
• #5976 - Adding requested Rewrite Rule to force request header values
• #5973 - Proxy client TLS authentication example
• #5963 - Improve QuotedQualityCSV
• #5950 - Deadlock due to logging inside classloaders
• #5937 - Unnecessary blocking in ResourceService
• #5909 - Cannot disable HTTP OPTIONS Method
• #5894 - Jetty 9.4.x 5859 classloader leak queuedthreadpool
• #5851 - org.eclipse.jetty.websocket.servlet.WebSocketServlet cleanup
• #5787 - Make ManagedSelector report better JMX data
• #5492 - Add ability to manage start modules by java feature
• #4275 - Path Normalization/Traversal - Context Matching

9.4.36.v20210114

Special Thanks to the following Eclipse Jetty community members

• @​joewitt (Joe Witt)
• @​rk1165 (Ravi Kumar)
• @​leonchen83 (Baoyi Chen)

Changelog

• #5870 - jetty-maven-plugin fails to run ServletContainerInitializer on Windows due to URI case comparison bug
• #5855 - HttpClient may not send queued requests
• #5845 - Use UTF-8 encoding for client basic auth if requested

... (truncated)

Commits

• 9fc7ca5 update VERSION.txt
• ee95f92 Updating to version 9.4.39.v20210325
• 0992dbd reset Version.txt
• 65c2da3 reset build-resources version
• 7dacf15 reset release to 9.4.39-SNAPSHOT
• be78648 reset release to 9.4.39-SNAPSHOT
• f6afdc5 Issue #6085 Fix duplicate valid session cookies to pick first valid.
• 64006c6 Issue #6085 Fix duplicate valid session cookies to pick first valid.
• af042ba Issue #6085 Fix duplicate valid session cookies to pick first valid.
• e0111e5 Updating to version 9.4.40-SNAPSHOT
• Additional commits viewable in compare view

Updates jetty-server from 9.4.34.v20201102 to 9.4.39.v20210325

Release notes

Sourced from jetty-server's releases.

9.4.39.v20210325

Changelog

• #6034 SslContextFactory may select a wildcard certificate during SNI selection when a more specific SSL certificate is present
• #6050 Websocket: NotUtf8Exception after upgrade 9.4.35 -> 9.4.36 or newer
• #6052 Cleanup TypeUtil and ModuleLocation to allow jetty-client/hybrid to work on Android
• #6063 Allow override of hazelcast version when using module
• #6072 jetty server high CPU when client send data length > 17408
• #6085 Jetty keeps Sessions in use after "Duplicate valid session cookies" Message
• #6101 Normalise ambiguous URIs
• #6102 Exclude webapps directory from deployment scan

9.4.38.v20210224

Changelog

• #6001 - Ambiguous URI legacy compliance mode
• #5999 - HttpURI ArrayIndexOutOfBounds
• #5994 - QueuedThreadPool "free" threads
• #5977 - Cache-Control header set by a filter is override by the value from DefaultServlet configuration

9.4.37.v20210219

Changelog

• This release addresses and resolves CVE-2020-27223
• #5979 - Configurable gzip Etag extension
• #5977 - Cache-Control header set by a filter is override by the value from DefaultServlet configuration
• #5976 - Adding requested Rewrite Rule to force request header values
• #5973 - Proxy client TLS authentication example
• #5963 - Improve QuotedQualityCSV
• #5950 - Deadlock due to logging inside classloaders
• #5937 - Unnecessary blocking in ResourceService
• #5909 - Cannot disable HTTP OPTIONS Method
• #5894 - Jetty 9.4.x 5859 classloader leak queuedthreadpool
• #5851 - org.eclipse.jetty.websocket.servlet.WebSocketServlet cleanup
• #5787 - Make ManagedSelector report better JMX data
• #5492 - Add ability to manage start modules by java feature
• #4275 - Path Normalization/Traversal - Context Matching

9.4.36.v20210114

Special Thanks to the following Eclipse Jetty community members

• @​joewitt (Joe Witt)
• @​rk1165 (Ravi Kumar)
• @​leonchen83 (Baoyi Chen)

Changelog

• #5870 - jetty-maven-plugin fails to run ServletContainerInitializer on Windows due to URI case comparison bug
• #5855 - HttpClient may not send queued requests
• #5845 - Use UTF-8 encoding for client basic auth if requested

... (truncated)

Commits

• 9fc7ca5 update VERSION.txt
• ee95f92 Updating to version 9.4.39.v20210325
• 0992dbd reset Version.txt
• 65c2da3 reset build-resources version
• 7dacf15 reset release to 9.4.39-SNAPSHOT
• be78648 reset release to 9.4.39-SNAPSHOT
• f6afdc5 Issue #6085 Fix duplicate valid session cookies to pick first valid.
• 64006c6 Issue #6085 Fix duplicate valid session cookies to pick first valid.
• af042ba Issue #6085 Fix duplicate valid session cookies to pick first valid.
• e0111e5 Updating to version 9.4.40-SNAPSHOT
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #103.