diff --git a/CHANGELOG.md b/CHANGELOG.md index a18f2bc51..9319fbde3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -54,6 +54,7 @@ All notable changes to this project will be documented in this file. - spark-k8s: Add `3.5.6` ([#1142]). - spark-connect-client: Add `3.5.6` ([#1142]). - git-sync: Bump version to 4.4.1 ([#1151]). +- zookeeper: bump jetty version for CVE-2024-13009 in 3.9.3 ([#1179]) ### Changed @@ -190,6 +191,7 @@ All notable changes to this project will be documented in this file. [#1165]: https://github.com/stackabletech/docker-images/pull/1165 [#1168]: https://github.com/stackabletech/docker-images/pull/1168 [#1170]: https://github.com/stackabletech/docker-images/pull/1170 +[#1179]: https://github.com/stackabletech/docker-images/pull/1179 ## [25.3.0] - 2025-03-21 diff --git a/zookeeper/stackable/patches/3.9.3/0001-Add-CycloneDX-plugin.patch b/zookeeper/stackable/patches/3.9.3/0001-Add-CycloneDX-plugin.patch index 725492275..901191646 100644 --- a/zookeeper/stackable/patches/3.9.3/0001-Add-CycloneDX-plugin.patch +++ b/zookeeper/stackable/patches/3.9.3/0001-Add-CycloneDX-plugin.patch @@ -8,7 +8,7 @@ Subject: Add CycloneDX plugin 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml -index 6ef4011fe..07ae75387 100644 +index 6ef4011f..07ae7538 100644 --- a/pom.xml +++ b/pom.xml @@ -925,7 +925,7 @@ diff --git a/zookeeper/stackable/patches/3.9.3/0002-ZOOKEEPER-4846-Failure-to-reload-database-due-to-mis.patch b/zookeeper/stackable/patches/3.9.3/0002-ZOOKEEPER-4846-Failure-to-reload-database-due-to-mis.patch index e0944a1ac..3890dabef 100644 --- a/zookeeper/stackable/patches/3.9.3/0002-ZOOKEEPER-4846-Failure-to-reload-database-due-to-mis.patch +++ b/zookeeper/stackable/patches/3.9.3/0002-ZOOKEEPER-4846-Failure-to-reload-database-due-to-mis.patch @@ -13,7 +13,7 @@ Closes #2222 from anmolnar/ZOOKEEPER-4846 2 files changed, 19 insertions(+), 2 deletions(-) 
diff --git a/zookeeper-server/src/main/java/org/apache/zookeeper/server/DataTree.java b/zookeeper-server/src/main/java/org/apache/zookeeper/server/DataTree.java -index 3b61c80d8..af937f834 100644 +index 3b61c80d..af937f83 100644 --- a/zookeeper-server/src/main/java/org/apache/zookeeper/server/DataTree.java +++ b/zookeeper-server/src/main/java/org/apache/zookeeper/server/DataTree.java @@ -462,8 +462,9 @@ public class DataTree { @@ -29,7 +29,7 @@ index 3b61c80d8..af937f834 100644 } diff --git a/zookeeper-server/src/test/java/org/apache/zookeeper/server/DataTreeTest.java b/zookeeper-server/src/test/java/org/apache/zookeeper/server/DataTreeTest.java -index 07a69f14f..fc20ed320 100644 +index 07a69f14..fc20ed32 100644 --- a/zookeeper-server/src/test/java/org/apache/zookeeper/server/DataTreeTest.java +++ b/zookeeper-server/src/test/java/org/apache/zookeeper/server/DataTreeTest.java @@ -23,6 +23,7 @@ import static org.junit.jupiter.api.Assertions.assertFalse; diff --git a/zookeeper/stackable/patches/3.9.3/0003-ZOOKEEPER-4921-Retry-endlessly-to-establish-a-brand-.patch b/zookeeper/stackable/patches/3.9.3/0003-ZOOKEEPER-4921-Retry-endlessly-to-establish-a-brand-.patch index 65838c2bb..734dc2479 100644 --- a/zookeeper/stackable/patches/3.9.3/0003-ZOOKEEPER-4921-Retry-endlessly-to-establish-a-brand-.patch +++ b/zookeeper/stackable/patches/3.9.3/0003-ZOOKEEPER-4921-Retry-endlessly-to-establish-a-brand-.patch @@ -15,7 +15,7 @@ https://lists.apache.org/thread/nfb9z7rhgglbjzfxvg4z2m3pks53b3c1 2 files changed, 47 insertions(+), 20 deletions(-) diff --git a/zookeeper-server/src/main/java/org/apache/zookeeper/ClientCnxn.java b/zookeeper-server/src/main/java/org/apache/zookeeper/ClientCnxn.java -index 0bf616c61..207bb8c49 100644 +index 0bf616c6..207bb8c4 100644 --- a/zookeeper-server/src/main/java/org/apache/zookeeper/ClientCnxn.java +++ b/zookeeper-server/src/main/java/org/apache/zookeeper/ClientCnxn.java @@ -1242,7 +1242,7 @@ public class ClientCnxn { 
@@ -28,7 +28,7 @@ index 0bf616c61..207bb8c49 100644 String warnInfo = String.format( "Client session timed out, have not heard from server in %dms for session id 0x%s", diff --git a/zookeeper-server/src/test/java/org/apache/zookeeper/test/SessionTimeoutTest.java b/zookeeper-server/src/test/java/org/apache/zookeeper/test/SessionTimeoutTest.java -index 7a59f5eb9..9f5943f68 100644 +index 7a59f5eb..9f5943f6 100644 --- a/zookeeper-server/src/test/java/org/apache/zookeeper/test/SessionTimeoutTest.java +++ b/zookeeper-server/src/test/java/org/apache/zookeeper/test/SessionTimeoutTest.java @@ -18,6 +18,9 @@ diff --git a/zookeeper/stackable/patches/3.9.3/0004-ZOOKEEPER-4925-Fix-data-loss-due-to-propagation-of-d.patch b/zookeeper/stackable/patches/3.9.3/0004-ZOOKEEPER-4925-Fix-data-loss-due-to-propagation-of-d.patch index 76df03879..469ffd8d3 100644 --- a/zookeeper/stackable/patches/3.9.3/0004-ZOOKEEPER-4925-Fix-data-loss-due-to-propagation-of-d.patch +++ b/zookeeper/stackable/patches/3.9.3/0004-ZOOKEEPER-4925-Fix-data-loss-due-to-propagation-of-d.patch @@ -45,7 +45,7 @@ Add separated code to enforce continuous proposals create mode 100644 zookeeper-server/src/test/java/org/apache/zookeeper/server/quorum/QuorumSyncTest.java diff --git a/zookeeper-server/src/main/java/org/apache/zookeeper/server/Request.java b/zookeeper-server/src/main/java/org/apache/zookeeper/server/Request.java -index c174fdd1e..ad5071375 100644 +index c174fdd1..ad507137 100644 --- a/zookeeper-server/src/main/java/org/apache/zookeeper/server/Request.java +++ b/zookeeper-server/src/main/java/org/apache/zookeeper/server/Request.java @@ -78,6 +78,19 @@ public class Request { @@ -69,7 +69,7 @@ index c174fdd1e..ad5071375 100644 public final int cxid; diff --git a/zookeeper-server/src/main/java/org/apache/zookeeper/server/TxnLogEntry.java b/zookeeper-server/src/main/java/org/apache/zookeeper/server/TxnLogEntry.java -index 352eb81da..409fd21fa 100644 +index 352eb81d..409fd21f 100644 
--- a/zookeeper-server/src/main/java/org/apache/zookeeper/server/TxnLogEntry.java +++ b/zookeeper-server/src/main/java/org/apache/zookeeper/server/TxnLogEntry.java @@ -47,4 +47,8 @@ public final class TxnLogEntry { @@ -82,7 +82,7 @@ index 352eb81da..409fd21fa 100644 + } } diff --git a/zookeeper-server/src/main/java/org/apache/zookeeper/server/ZKDatabase.java b/zookeeper-server/src/main/java/org/apache/zookeeper/server/ZKDatabase.java -index 7258daa7c..7a26d8362 100644 +index 7258daa7..7a26d836 100644 --- a/zookeeper-server/src/main/java/org/apache/zookeeper/server/ZKDatabase.java +++ b/zookeeper-server/src/main/java/org/apache/zookeeper/server/ZKDatabase.java @@ -58,6 +58,7 @@ import org.apache.zookeeper.server.quorum.Leader.Proposal; @@ -156,7 +156,7 @@ index 7258daa7c..7a26d8362 100644 wl.unlock(); } diff --git a/zookeeper-server/src/main/java/org/apache/zookeeper/server/ZooKeeperServer.java b/zookeeper-server/src/main/java/org/apache/zookeeper/server/ZooKeeperServer.java -index 6740f6d52..14dd59b8c 100644 +index 6740f6d5..14dd59b8 100644 --- a/zookeeper-server/src/main/java/org/apache/zookeeper/server/ZooKeeperServer.java +++ b/zookeeper-server/src/main/java/org/apache/zookeeper/server/ZooKeeperServer.java @@ -1846,13 +1846,6 @@ public class ZooKeeperServer implements SessionExpirer, ServerStats.Provider { @@ -205,7 +205,7 @@ index 6740f6d52..14dd59b8c 100644 private void processTxnForSessionEvents(Request request, TxnHeader hdr, Record txn) { diff --git a/zookeeper-server/src/main/java/org/apache/zookeeper/server/quorum/Follower.java b/zookeeper-server/src/main/java/org/apache/zookeeper/server/quorum/Follower.java -index 0eff9d248..ca99974cb 100644 +index 0eff9d24..ca99974c 100644 --- a/zookeeper-server/src/main/java/org/apache/zookeeper/server/quorum/Follower.java +++ b/zookeeper-server/src/main/java/org/apache/zookeeper/server/quorum/Follower.java @@ -35,7 +35,6 @@ import org.apache.zookeeper.server.quorum.flexible.QuorumVerifier; 
@@ -234,7 +234,7 @@ index 0eff9d248..ca99974cb 100644 /* * Request header is created only by the leader, so this is only set diff --git a/zookeeper-server/src/main/java/org/apache/zookeeper/server/quorum/FollowerZooKeeperServer.java b/zookeeper-server/src/main/java/org/apache/zookeeper/server/quorum/FollowerZooKeeperServer.java -index b67661999..1b0b5cd92 100644 +index b6766199..1b0b5cd9 100644 --- a/zookeeper-server/src/main/java/org/apache/zookeeper/server/quorum/FollowerZooKeeperServer.java +++ b/zookeeper-server/src/main/java/org/apache/zookeeper/server/quorum/FollowerZooKeeperServer.java @@ -22,7 +22,6 @@ import java.io.IOException; @@ -303,7 +303,7 @@ index b67661999..1b0b5cd92 100644 - } } diff --git a/zookeeper-server/src/main/java/org/apache/zookeeper/server/quorum/Learner.java b/zookeeper-server/src/main/java/org/apache/zookeeper/server/quorum/Learner.java -index 1ef99e50a..adf0ef6e5 100644 +index 1ef99e50..adf0ef6e 100644 --- a/zookeeper-server/src/main/java/org/apache/zookeeper/server/quorum/Learner.java +++ b/zookeeper-server/src/main/java/org/apache/zookeeper/server/quorum/Learner.java @@ -82,6 +82,10 @@ public class Learner { @@ -431,7 +431,7 @@ index 1ef99e50a..adf0ef6e5 100644 } } else { diff --git a/zookeeper-server/src/main/java/org/apache/zookeeper/server/quorum/Observer.java b/zookeeper-server/src/main/java/org/apache/zookeeper/server/quorum/Observer.java -index d3aa41b5f..334fa54c1 100644 +index d3aa41b5..334fa54c 100644 --- a/zookeeper-server/src/main/java/org/apache/zookeeper/server/quorum/Observer.java +++ b/zookeeper-server/src/main/java/org/apache/zookeeper/server/quorum/Observer.java @@ -202,12 +202,8 @@ public class Observer extends Learner { @@ -464,7 +464,7 @@ index d3aa41b5f..334fa54c1 100644 boolean majorChange = self.processReconfig(qv, suggestedLeaderId, qp.getZxid(), true); 
diff --git a/zookeeper-server/src/test/java/org/apache/zookeeper/server/TxnLogDigestTest.java b/zookeeper-server/src/test/java/org/apache/zookeeper/server/TxnLogDigestTest.java -index 75d6fe680..b52ea3418 100644 +index 75d6fe68..b52ea341 100644 --- a/zookeeper-server/src/test/java/org/apache/zookeeper/server/TxnLogDigestTest.java +++ b/zookeeper-server/src/test/java/org/apache/zookeeper/server/TxnLogDigestTest.java @@ -60,6 +60,7 @@ public class TxnLogDigestTest extends ClientBase { @@ -484,7 +484,7 @@ index 75d6fe680..b52ea3418 100644 super.tearDown(); diff --git a/zookeeper-server/src/test/java/org/apache/zookeeper/server/ZxidRolloverTest.java b/zookeeper-server/src/test/java/org/apache/zookeeper/server/ZxidRolloverTest.java -index 031ccc2f7..b23fd80a3 100644 +index 031ccc2f..b23fd80a 100644 --- a/zookeeper-server/src/test/java/org/apache/zookeeper/server/ZxidRolloverTest.java +++ b/zookeeper-server/src/test/java/org/apache/zookeeper/server/ZxidRolloverTest.java @@ -60,6 +60,7 @@ public class ZxidRolloverTest extends ZKTestCase { @@ -505,7 +505,7 @@ index 031ccc2f7..b23fd80a3 100644 zkClients[i].close(); diff --git a/zookeeper-server/src/test/java/org/apache/zookeeper/server/quorum/QuorumSyncTest.java b/zookeeper-server/src/test/java/org/apache/zookeeper/server/quorum/QuorumSyncTest.java new file mode 100644 -index 000000000..c4b7720cf +index 00000000..c4b7720c --- /dev/null +++ b/zookeeper-server/src/test/java/org/apache/zookeeper/server/quorum/QuorumSyncTest.java @@ -0,0 +1,100 @@ diff --git a/zookeeper/stackable/patches/3.9.3/0005-Bumping-jetty-version-to-fix-CVE-2024-13009.patch b/zookeeper/stackable/patches/3.9.3/0005-Bumping-jetty-version-to-fix-CVE-2024-13009.patch new file mode 100644 index 000000000..a5ace456e --- /dev/null +++ b/zookeeper/stackable/patches/3.9.3/0005-Bumping-jetty-version-to-fix-CVE-2024-13009.patch 
@@ -0,0 +1,22 @@
+From d5ec0e10f1e2c967cd1bbc9aaeacc4f83705f1bf Mon Sep 17 00:00:00 2001
+From: Maxi Wittich
+Date: Tue, 17 Jun 2025 15:39:44 +0200
+Subject: Bumping jetty version to fix CVE-2024-13009
+
+---
+ pom.xml | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/pom.xml b/pom.xml
+index 07ae7538..9c201245 100644
+--- a/pom.xml
++++ b/pom.xml
+@@ -560,7 +560,7 @@
+ 2.2
+ 1.5.0
+ 4.1.113.Final
+- 9.4.56.v20240826
++ 9.4.57.v20241219
+ 2.15.2
+ 2.14.6
+ 1.1.10.5
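Review bot: The added patch 0005 has a subject line but no body, so the patch set does not record which Jetty releases CVE-2024-13009 affects, why `9.4.57.v20241219` was picked, or when the patch can be dropped. I would add a short body to the patch header that states the affected range, links the advisory, and names the upstream ZooKeeper release that makes the patch obsolete. The element names in the pom.xml hunk are not visible in this rendering, so it is only presumed that the changed value is the single property governing every Jetty artifact. It is worth confirming in the CycloneDX SBOM produced via patch 0001 that no `9.4.56.v20240826` Jetty component remains in the built image. The `index` line rewrites in patches 0001 to 0004 (nine to eight hex digits) look like regeneration churn and would be easier to review in a separate commit.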