Visit Jetty Home Page
Jetty 11.0.x Release Notes
3 versions
Comprehensive release notes and changelog for Jetty 11.0.x, including security patches, bug fixes, and feature updates across all supported versions.
April 2026
11.0.29
Released Apr 10, 2026 Full Version:
11.0.29
Security Fixes
- JASPI access control escalation (CVE-2026-5795).
Notes
- This release originates from the open-source Eclipse Jetty by HeroDevs. It encompasses modifications implemented by HeroDevs to ensure successful framework builds. This release contains no functional changes from Jetty
11.0.26.
March 2026
11.0.28
Released Mar 6, 2026 Full Version:
11.0.28
Security Fixes
- HTTP Request Smuggling via Chunked Extension Quoted-String Parsing (CVE-2026-2332).
Notes
- This release originates from the open-source Eclipse Jetty by HeroDevs. It encompasses modifications implemented by HeroDevs to ensure successful framework builds. This release contains no functional changes from Jetty
11.0.26.
11.0.27
Released Mar 5, 2026 Full Version:
11.0.27
Security Fixes
- Fixed improper input validation in jetty-http where malformed URIs were parsed differently than other common parsers, potentially allowing blocklist bypass in multi-component systems (CVE-2025-11143).
Notes
- This release originates from the open-source Eclipse Jetty by HeroDevs. It encompasses modifications implemented by HeroDevs to ensure successful framework builds. This release contains no functional changes from Jetty
11.0.26.
Stay in the loop
~/herodevs-spring-framework-support
herodevs@nes:open-source$ ./display-support-info.sh