File jetty-http2.changes of Package jetty-minimal

-------------------------------------------------------------------
Mon May 26 10:30:44 UTC 2025 - Fridrich Strba <fstrba@suse.com>

- Upgrade to version 9.4.57.v20241219
  * Security fixes:
    + CVE-2024-6763, bsc#1231652: the HttpURI class does
      insufficient validation on the authority segment of a URI
    + CVE-2024-13009, bsc#1243271: Gzip Request Body Buffer
      Corruption
  * Changes:
    + #12268 - IteratingCallback may iterate too much when process()
      returns Action.IDLE
    + #12648 - Backport improved handling of bad Gzip content (and
      Gzip Exceptions)
    + #12532 - Backport of deprecation of UserInfo on URI (in
      violation of RFC2616 spec)

-------------------------------------------------------------------
Tue Oct 15 21:27:27 UTC 2024 - Fridrich Strba <fstrba@suse.com>

- Upgrade to version 9.4.56.v20240826
  * Security fixes:
    + CVE-2024-8184, bsc#1231651, ThreadLimitHandler.getRemote()
      vulnerable to remote DoS attacks
  * Changes:
    + #12201 backport ThreadLimitHandler improvements from Jetty 12
    + #11938 - Updating URL refs from eclipse.org/jetty and
      eclipse.dev/jetty to jetty.org (including XML dtd references)
    + #10805 - Jetty response with an invalid HTTP2 packet if the
      client set the hpack table size as 0

-------------------------------------------------------------------
Fri Oct 11 17:30:25 UTC 2024 - Fridrich Strba <fstrba@suse.com>

- Initial packaging