Funnelback patch 14.2.1.6

  • Released: 2015-10-27

  • Applies to: v14.2.1

  • Internal reference: SUPPORT-1861

Description

Upgrades the Jetty web server to the latest 9.2.x version to fix a buffer bleed vulnerability.

Affected filesāˆ‚

  • web/server/funnelback-jetty-launcher.jar: Update embedded Jetty version

  • web/tools/jetty/: Update Jetty distribution

  • conf/global.cfg.default: New Jetty configuration parameters

Deployment

  • Stop the Jetty web server.

  • Deploy the provided files on top of an existing install.

  • Start the Jetty web server.

  • As patches are cumulative, apply deployment instructions from previous patches.