https://bugzilla.redhat.com/show_bug.cgi?id=1971016 Bug 1971016 depends on bug 1971017, which changed state.
Bug 1971017 Summary: CVE-2021-28169 jetty: requests to the ConcatServlet and WelcomeFilter are able to access protected resources within the WEB-INF directory [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1971017
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |EOL