Release 4.2.7 (security update)

Jetty Release 4.2.7 is now available via http://jetty.mortbay.org

This is a security update that contains an updated JSSE library to
cover an SSL security problem:

http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F50081&zone_32=category%3Asecurity

If you use SSL, it is highly recommended that you upgrade to 4.2.7 or
at least obtain JSSE 1.0.3_01 and update the ssl libraries.

This release also changes the getServletPath mapping for the default
servlet ('/') to return the full path and getServletInfo now returns
null.  This should be hidden by the default servlet for most users,
but if it causes a problem, the old behaviour may be obtained by
setting -Dorg.mortbay.http.PathMap.oldDefaultPath=true

Jetty-4.2.7 - 4 February 2003
  + Upgraded to JSSE 1.0.3_01 to fix security problem.
  + Fixed proxy tunnel for non persistent connections.
  + Relative sendRedirect handles trailing / correctly.
  + Changed PathMap to conform to / getServletPath handling.

--

-- 
Greg Wilkins<gregw <at> mortbay.com>             Phone/fax: +44 7092063462
Mort Bay Consulting Australia and UK.          http://www.mortbay.com

------------------------ Yahoo! Groups Sponsor ---------------------~-->
Get 128 Bit SSL Encryption!
http://us.click.yahoo.com/LIgTpC/vN2EAA/xGHJAA/CefplB/TM