jetty-jaas-9.4.56-150200.3.28.1<>,bgzp9|YjE=} ؀B(i faxgFq`5VSĮy^<6 *rꨀ?p`[,H:({M#4kGBe@ T';.cvq?+`{r v8i1PB`W^h3WtaJL]'}"dL]aٗkiCs1=XtuYT/"j+MŤ4,)hcLt u>>%?%d  " <!BX n     <P(89(:F!G!H!I!X!Y!\"<]"P^"b#c#d$?e$Df$Gl$Iu$\v$pw%<x%Py%dz%|%%%%Cjetty-jaas9.4.56150200.3.28.1The jaas module for Jetty Jetty is a 100% Java HTTP Server and Servlet Container. This means that you do not need to configure and run a separate web server (like Apache) in order to use Java, servlets and JSPs to generate dynamic content. Jetty is a fully featured web server for static and dynamic content. Unlike separate server/container solutions, this means that your web server and web application run in the same process, without interconnection overheads and complications. Furthermore, as a pure java component, Jetty can be simply included in your application for demonstration, distribution or deployment. Jetty is available on all Java supported platforms. This package contains The jaas module for Jetty.gzh01-ch3bSUSE Linux Enterprise 15SUSE LLC Apache-2.0 OR EPL-1.0https://www.suse.com/Productivity/Networking/Web/Servershttps://www.eclipse.org/jetty/linuxnoarch# VA큤A큤gzgzgzgzgze331fc8c92f8529fa0098f8f24b5b59a4f785f6a5bf6c7cb289ba5ab367effebe3034b7a7f1c341ce6d33255f821ae22efff0aa874b30722ece4e75fc1fae89a7185cec4b4dc42268bcf2c429e586eb66a826e1a6b89f9c9013dfaee00d95eaerootrootrootrootrootrootrootrootrootrootjetty-minimal-9.4.56-150200.3.28.1.src.rpmjetty-jaasmvn(org.eclipse.jetty:jetty-jaas)mvn(org.eclipse.jetty:jetty-jaas:pom:)osgi(org.eclipse.jetty.jaas)@ @@    java-headlessjavapackages-filesystemmvn(org.eclipse.jetty:jetty-security)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)1.89.4.56.v202408263.0.4-14.6.0-14.0-15.2-14.14.1gY@ee?e'd^@djdS@cGb@bBb9@an@`i@`i@`ٹ`@`f@`KW_@_^@^]߶]X]d@fstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comdimstar@opensuse.orgfstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comshvetz.anton@gmail.comfstrba@suse.comrpm@fthiessen.defstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.com- Upgrade to version 9.4.56.v20240826 * Security fixes: + CVE-2024-8184, bsc#1231651, ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks * Changes: + #12201 backport ThreadLimitHandler improvements from Jetty 12 + #11938 - Updating URL refs from eclipse.org/jetty and eclipse.dev/jetty to jetty.org (including XML dtd references) + #10805 - Jetty response with an invalid HTTP2 packet if the client set the hpack table size as 0- Upgrade to version 9.4.54.v20240208 * Security fixes + CVE-2024-22201, bsc#1220437: HTTP/2 connection not closed after idle timeout when TCP congested * Other changes + #1256 DoSFilter leaks USER_AUTH entries + #11389 Strip default ports on ws/wss scheme uris too- Do not force Java 11 to build on i586- Upgrade to version 9.4.53.v20231009 * Fixes of 9.4.53.v20231009 + CVE-2023-44487, bsc#1216169 + CVE-2023-36478, bsc#1216162 + #10679 - backport HTTP/2 rate control from Jetty 10.0.x + #10573 - backport hpack improvements from Jetty 10.0.x + #10546 - backport jetty-http Huffman encoders/decoders from Jetty 10.0.x * Fixes of 9.4.52.v20230823 + #10352 - Jetty accepts "+" prefixed value in Content-Length (CVE-2023-40167, bsc#1215417) + #10337 - SizeLimitHandler does not enforce 0 responseLimit + #10169 - make sure that a ServiceLoader is retrieved before iterating + #10066 - Allow SAXParserFactory or SAXParser to be configured in Jetty's XmlParser class - Allows for GHSA-58qw-p7qm-5rvh workaround + #9887 - Deprecate CGI Servlet (CVE-2023-36479, bsc#1215415) + #9716 - Deprecate PushSessionCacheFilter + #9660 - OpenId Revoked authentication allows one request (CVE-2023-41900, bsc#1215416) + #9476 - onCompleteFailure called multiple times- Reproducible builds: use SOURCE_DATE_EPOCH for timestamp- Update to version 9.4.51.v20230217 * Fixes of 9.4.49.v20220914: + #8578 - getRequestURL can append "null" if getRequestURI is unspecified in an authority-form request-target + #8493 - Review HTTP client feature setRemoveIdleDestinations * Fixes of 9.4.50.v20221201: + #8774 - Added SizeLimitHandler + #8678 - Jetty client is not responding to GO_AWAY packet received from (Jetty) Server and continue to send traffic on same connection * Fixes of 9.4.51.v20230217: + #9352 - Update / Fix CookieCutter + #9345 - Backport Multipart Fix for CVE-2023-26048, bsc#1210620 + #9352 - Backport Cookie Parsing Fix for CVE-2023-26049, bsc#1210621- Add _multibuild to define 2nd spec file as additional flavor. Eliminates the need for source package links in OBS.- Force building with java 11 on ix86 in order to avoid random build failures- Upgrade to version 9.4.48.v20220622 * Fixes + #8184 - All suffix globs except first fail to match if path has "." character in prefix section + #8145 - RegexPathSpec backport of optional group name/info lookup if regex fails + #8088 - Add option to configure exitVm on ShutdownMonitor from System properties + #8067 - Wall time usage in DoSFilter RateTracker results in false positive alert + #8014 - Review HttpRequest URI construction (Resolves CVE-2022-2047, bsc#1201317) + #7976 - Add TRANSFER_ENCODING violation for MultiPart RFC7578 parser + #7947 - Improved PathSpec handling for servletName & pathInfo + #7935 - Review HTTP/2 error handling (Resolves CVE-2022-2048, bsc#1201316) + #7918 - PathMappings.asPathSpec does not allow root ServletPathSpec + #7863 - Default servlet drops first accept-encoding header if there is more than one. + #7858 - GZipHandler does not play nice with other handlers in HandlerCollection + #7837 - Fix StatisticsHandler in the case a Handler throws exception + #7809 - Jetty 9.4.x 7801 duplicate set session cookies + #7748 - Allow overriding of url-pattern mapping in ServletContextHandler to allow for regex or uri-template matching- Upgrade to version 9.4.46.v20220328 * Changes + Option --write-module-graph produces wrong .dot file + ArrayTrie getBest fails to match the empty string entry in certain cases + Interrupt flag is not always cleared in between requests + Gzip compression not working for multipart/form-data when added to the allowed list using addIncludedMimeTypes. + Miconfigured headerCacheSize in can result in IllegalArgumentException + HttpServletResponse.encodeURL not working for URLs starting with ../- Build with java source and target levels 8 - Fix javadoc generation on JDK >= 13- Make importing of package sun.misc optional since not all jdk versions export it- Splitting the jetty-unixsocket artifact into a separate spec file in order to avoid extra dependencies for the jetty-minimal package.- Update to version 9.4.43.v20210629 * Fix: bsc#1188438, CVE-2021-34429 * Changes: + Improve alias checking in PathResource + java.nio.ReadOnlyBufferException + Deprecate support for UTF16 encoding in URIs + Update to spifly 1.3.3 + Update to asm 9.1- Package modules: ant, cdi, deploy, fcgi, http-spi, quickstart, rewrite, start, unixsocket- Update to version 9.4.42.v20210604 * Fix: bsc#1187117, CVE-2021-28169- Update to version 9.4.40.v20210413 * Fix: bsc#1184367, CVE-2021-28165 - jetty server high CPU when client send data length > 17408 * Fix: bsc#1184368, CVE-2021-28164 - Normalize ambiguous URIs * Fix: bsc#1184366, CVE-2021-28163 - Exclude webapps directory from deployment scan- Upgrade to upstream version 9.4.38.v20210224 * Fixes bsc#1182898, CVE-2020-27223- Upgrade to upstream version 9.4.35.v20201120 * Fixes bsc#1179727, CVE-2020-27218- Upgrade to upstream version 9.4.30.v20200611- Upgrade to upstream version 9.4.27.v20200227- Removed patch: * jetty-annotations-asm6.patch + not needed when building against ASM7- Upgrade to upstream version 2.9.22.v20191022 * new jetty-openid amd jetty-util-ajax sub-packages - Modified patch: * jetty-annotations-asm6.patch + adapt to changed context + build against asm6 instead of asm7 that we don't have - Fix some rpmlint warnings and errors- Initial packaging of a minimal version of jetty 9.4.19.v20190610 * This version is light on dependenciesh01-ch3b 17290677479.4.56-150200.3.28.19.4.56.v202408269.4.56.v202408269.4.56jettyjetty-jaas.jarjetty-minimal-jetty-jaas.xmljettyjetty-jaas.pom/usr/share/java//usr/share/java/jetty//usr/share/maven-metadata//usr/share/maven-poms//usr/share/maven-poms/jetty/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:36077/SUSE_SLE-15-SP2_Update/0ac9f78180b0a8127a278ae08aa38644-jetty-minimal.SUSE_SLE-15-SP2_Updatedrpmxz5noarch-suse-linuxdirectoryASCII text, with CRLF line terminators (Zip archive data, at least v2.0 to extract Zip archive data, at least v2.0 to extract)XML 1.0 document, ASCII textexported SGML document, ASCII textPPPRRRrYҁN~+e|utf-891777e9f895088369edc0a1b9992878ec97b15fed59c6aac1f377fe84e27d364? 7zXZ !t/M8Q]"k%f+&s?ioͅA [1 7xxF 0hC(<xԇ!Ԥ_c4| \v?[ӻ 0IMq+Q l 4H~6M[O#;:}f8c-ʏ4=0~VA; R!mGǐ9Xb:D;ahm>J IxX_]7(P . "% p[=mXfCKH 4JRǶq۱Eђ h{A^ *@d\fd_h 3 Zw]kM|˳d$;wOGZU٭_^;8kVO)%i'47ch]pS M0y{ﻵKT;.W$pbK-\bcEZlP-f,&e'ϑ&: ʢq '2||J3!^ߧŌO߬Qn TK"HQiT'Q `wvwW dcR"yAνeRG)K-!.M3L7tr_|pM -AvR5V p⼻ oA "Q"W*#")-_G&SS4;!(A2atuĹbȄOh` |x^cr9)q$+ȶrn78ZeIVtS;/JzTmɽ[ᗷfR TH6yՍ_5۩qF^ [h.0N5(ZaiYX³Fjc+'Vy>r(( $F.I)m&jCT=ooUʮx=X"y>$̾^FϖU{o xr=&cI.x2F; l0JoOW$Jx|'*jT/'G1 # m \v!g-0g.W tzS_wWK[_j+"Q[-\2y]3.sfls^*[NEW!]2XqJ  i=xc[_Y!#U߈C$O25I"^ aֿwRA!"1)Ǽ|}B7͇5sD|.zу~=Zwf+t'F8(!ۡynÝĽְgIQ'8BV&0 uIv/tJFe%U!H^BܐJe)bap7f#ta5u`J e-]kOWf k;ϞᘙG% *+_q|ڟ>+O\حUi#P+m{GR| uZ&0+P\cnMּ!qFFDlD>3iSI(Ղ~ݷe^ .>!pp7_d>W:5/n[4sӎA+J„X]w}cغe stN}< :f,d44KK b襸y}K֌TT%osǮ5JLEs-aC5vou8ϾAM{daeiM3BB04 ?rCKdjR;F[ bG89+ꍒ%/52L+3Y4 3 Y̏DѭJoCP?ĝEPVUnK ¢ł"U<_/׹_&FQ84 w\%c`́v_Ys"!1껼gQR|=,!e0"z{X#ћR.uEQ t`kmb͍˻Kyݬ ?YX%̊#un 5N1V-RD?Yn_o jfdlC ,!6 CB%Qd]曫,E3 !Ȗ[/&;%LwH3# :5SkG 'i.ontog-jL /8&b-꟎YɨMJ\w(qDdZϚ =pmS8d M\}ȳxTwvir ӧ<>x:5'3Ka} KHc~5ň)6?(ȯ]CT"lc|-:v]gSi&="#MWHhc;3 /R-M>vF:g]rR-6k*N8V;2Sːq_5nK0kN& Fw@g= !Ba* FljN]owt8ND^ |hBF1?+$V9,ĖEIAbl֡OD|"Dq#E.gJ[θ="[67I> tӋaQp@.5G9`͒sx>q1S]GQ拁!kiwkC)E /H4.d%oKOgx~'3Цo?)h}E",N52K˷ܟC}@F|c)<8]mq2FkڃRJ@޷oG[PYHSMқbfsFfMN-BK[f%R҄sBg#PO+9ճ^`_Jt>cz1_6+Y>o 7c&:?ߗjabwc`oIFW-cW0`-WJ20xײՙ6G/4/5޵IPmpߍg\h|FL MdWDV[YJW9wO fCáEwFNd~bSѴ*܏AQztԔW!nqp1g@T@0-W-֩zT$i K)Y Te%•l'`h0CCGnS؃K5*n(n:$mnˮ}qnݯ!ræƽ%&hs7iҰ.ڵLUZ9RAT+f["T Av8~ B@K4Qj#~tn&(lwrdTDt6݌H6 =]>y\s@ba~^zR\*5 ߤ=D,5DڻkC4 s'?>64؀Ǹ(z( %Fc; I;<p}}YcrUܵWMuU֜t*fK3Zu}g/[#ر@5Yh*0]0hҢ|W>r?a=]켳vLobTKK FOZ(jRkvqX(|Bt1M!W 'PP%+GlɞVVt}v6;lCt 跹- f1@ȋ xb&%smoC8(Ul /̧PN "|Xo~HM"=},k}XsL!T횇ZK[iIr&`fkĉuYNJ]>):bZ:D?Ψ:%"͈:#F$yM5vܑx :y.'gvqu޹n([ a,DX#6'd?sZ0}|.5)^ 8Zn,¨FLE] 9N)W1̠/{`xt./tZ@W䓩8{胆QdLoMagf * EIe!<AULՎC!>^*#X&$kvly㾠zn&_[¤WF=lE,( ft$mY.:q tB}z73K1 l#b#9c]ˑ)a@d+\𒀛h9o- (C;u;WMTiWnĬDRv"z_momLxr@-:0E"xOa9A~{OfPn~ޜ=j$Z5WKyvH[sG9T.O  |mxݔ ?+CDF\eڜ;߸f--dڬy!\RH!%fZ= =7ϼuIQ-w!.*!٨Fq}JiPdmG7BE)- +ƈPB3"9Y9d )ZeVR`+GRslo(P*qG/g}uxe+ʘ(ի (ԓj/*ϰ3܉2̊G 8{e4Gn_6OaD#؍"kn#PЖz_̹hQ깈a%,Ju{a䍏Rã,EIiXN #&w|̀]='9 &wIfe+gUuED貜W[/#c羚Tu~mfy$/f}6;nV|+Xv$@j8s!!6?4 pR_z cN Zq"њq (Xw@$1^oFi@l"KI[5rG%i֊Urmich '3{ $J 5 EA(9)Q^4C1r[/&Ola9^i$2!܍sʺ~pߓ"ȲXJ^buPs*Im@dܶ)>jmϯ7泯+W;3$Pj !P-qY 03X:`$)/>'7gG-+B$)9 \A|!bp`ø~Na ;4,S+U*zTJvniGxƣCD_cH2؇=%"%r}\]@X$QR=B]i7u*6W54HVϗwB?}E9FgRcz3|oF"7&k=2"OL0J&/lpP+ GF5[B`l/FVz.uҷSǺ5E_p [i+czinvϋ{2:6J5>IJzVC+#xQ=(j;tTaiGD}l&jH8'cT՛8Ǘmj,i"Cnğvu̶F-ELB9KX3%R/'UQipoNňdKuKZ) v/șN:#݆6IQ]/x?Ak-3k1g<2N AD$B#3"L+e7 'r/9ukP)ݷq5b6Ǔ!ób5GRt,f:>z"7]v8_U ׅC&`\RB ŊլJ)*P|PU}YatTԜf:[Ԍ-l SYgxm'4Tu7w8BK/Jj=z4 \j\.(ic=,mBib3|C6kkD"X"DVNs;$hpi!S]콘?[UǒYJ[>7WJlklX,k#V0id_T+`з`0~ 86NMJ#el'טJ|9Plsʃ-fT =Lq~ue:uI$Wetm^L<$>7h|1M\o݋7~EVߵ .Β_L2Ϡ-(}%̧ܞ ` JYm{DђGjaX0ps~3$.)[ 9f .ςf b5P 7R hQY͔~"KNE]C/*JRս*rt&(t*ߔt^GGd>Hvɋ!`\./-PJu⍯@b ͘;Kzc(Lw\)ru[Iᐖ,T_qQ8'4*s=a.qPj>mC8_̃RguXg GfDwc?mQ䥾G1kK R𜟍KDytFF-΍=%VҴRpT!hDhHF{>ct4zݺG?UWAdFlpep-#ξW9tZ{f!/()[V5=vK9n&BNjdٓ1pK' N+DXnvvx=0awW ]6GLF:]3׊+VO62`䆂֤7ɶoE\^V| ܴ~3]8ݸX'c(.[0 %xy65uvN}i\c"ԐK-|/z lo>cfk.O?LkƇT7|*d{Z*pZRHL(O$gF^re=xn$S㮗'g1r II$r%#-zfw;/Sv{ Z@D@40( u<%Y3RҨwP 7 /ie VGYnt)0hP[!(\XG듯#Y7$)~;^6v;xSNkCv '] iX=>o6#T']㮕 O^ gK6βcOFR:2geɄÕ)zԁ *k裊Ӥ,x؀[^:o?7zUt1Z_}~jdPq8N)IH9iuhG&?r^JbsPթpcSvY,$;s:uL#gDZ{c;nȔ Ս*8Yw *SJV4,|/xݤkѴ?S BsJɻsSXr˧A{2 v娘a)OьJ^>7X2!3#J%np[;UQ#ry< NSukcA Yhi3`}op ۻl$P'rMQ08kc % 3 b*(/0v@InO81̾buFvVAp: ƏG'/f_/͹#gv D{~4.!Ha-+=35Rz='W6<&H:e@ܟ'Z+ӑw ek]`!Ȇe܁}}o6]@ \䎏}.Y*fw PtLIؽD7xUH0qyn*+ <VĠz $D; >V[z] o3LK{;Sr -[dqszi,s?<WDL%"0HHn?\YJ > OưNyC$]\Qjkؚ2)iNlq~0h8wԛBp?MͪvO0ELfت v ԏs҅3)j5Z_}IG;·% Rn. z'j̠a6_tZ-+z尐 QgQ 1.W0vLl+յ P6i6LiWZeq!^Yȇ5cbC~'ml[DF~"We *^bm.rKhJ/ԟp5,C]U`tstYUIcFٵQ$_2"YР -K2!M[-.ԏ5q-TY2ahi*v:gG%'?t 2:LQgx%G(g<)t~? ۝`ɽinXפ):C/JD\IߛB؍D[A#)o$:ʽGLvg)#0X6֢Ŷ|pq.ߝ=^osŮ2| c Ild gec JH4 +.mdfL6{FQ<B4U>hdLaUN:myǍ(Y @ܫ`0n% Z1ƾo ^U 6Jlw8E)'ac.z9*@P2buA^ !}.T Joǫ']#⚞7wگ5OW'%} &m|DF45cp$lDqru4]>{)RA A[_\>6k%j;Zw eyگ@-& 'o͒CjzH45A/t3:M~BX5T%@B#:r> +7Vj'_,QtT;DcguZݲ/J'q:W6jT4m-+&mL_7Yhd9`(͠/ZG-_vF@n]h_x^^~lG fekC5YWy5**!2iLm3SۭivaJwoEab 1n8<7c,*~)I]e gƼFϳ޴FKrOthbAԌYQ/u4HNa9G&ltQQzGn&Dk)&|u"`9fm)?ne4&grQكv4V#s֊=`q?MklppC9Axo({R cHvs/|._Fa4Tr'Dʞd4 ƽ5⮄ KKʨ~C\Ad|ukr?3 مa4 3evFu?łޙ_EYv5#C:7IUϑ&ˑ' j3)_rh(2DYB `f`Fn{Np .,bey3n$b5+HRw'W5xlbTx{ye:Q8kKعp폊8yl+~;~0݈P[/ׯ؁;O;"΀+WI<~F<קk 8||Jw"ϋE_g>|}<:5PO8U ǘiU2=Qd3\@뷡|Oq6|HRqsYJݤQp|(z7ߐ[扃ĴNS4\D:^wpZ^YZ",s3A|#fA&*yv='vzyfYdd*3>g)_#))2aƕ-ܒeat' 9tE&a } 012QpT3#By*+'ŬHdt];lI*%+HJwsE30(1JF &ΝYǕ"zte]eWP%FO.݄)&U&QjyW\)n-F_;h ѸVph= 8 2Q ,9_SR>˅ھ%Wӷz?n|j6@(4ѯQ"s/e^{W,2F>6Ԍ}wMiw%tCGݓG mKy AٳW^f//JfbAޖßnM;2![񱑓~`͜V LFc: TsXEw 5M=KIn NTK/vCcE;狤P^1u3LFi^rʼnjP?{jK-|KD*%Z'PW4[0:DDa]L/35?S01]ۃ6<1<9*C+Sz!:m,qT>XyQ/~6ñv*ou 'ƁWR䋩JV5~S<8 Hi.91Sm!u_uw<$漧kugu1 / ;{7%N*060UNSO-fTQBW<* 4(3]LsX xv?ohFw`0& ^ް O_|f7)㬽Q{X9~޶ V&N:HLE`^Z"O(x_?4ހݣ n32~$P"vpYlw%·}jQArk^-j6xVX+7顂4h{zFLwrr-;s;xj?pl@3oײ9Er{Ôn8`k 5JCq›؃} YZ