1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 4949-1] jetty9 security update

    From Moritz Muehlenhoff@21:1/5 to All on Thu Aug 5 00:00:02 2021
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-4949-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff August 04, 2021 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : jetty9
    CVE ID : CVE-2019-10241 CVE-2019-10247 CVE-2020-27216 CVE-2020-27223
    CVE-2020-28165 CVE-2020-28169 CVE-2021-34428

    Multiple vulnerabilities were discovered in Jetty, a Java servlet engine
    and webserver which could result in cross-site scripting, information disclosure, privilege escalation or denial of service.

    For the stable distribution (buster), these problems have been fixed in
    version 9.4.16-0+deb10u1.

    We recommend that you upgrade your jetty9 packages.

    For the detailed security status of jetty9 please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/jetty9

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmELC8oACgkQEMKTtsN8 TjZxsg/+L9a9Soj91or7HujO/ZN3METABLUThcEXs5Pkjv7A7SIKaxPLQs4Y/ltJ C9bDixpE7zSxM5RYmrEoRVH/FTbvrwE4VmIC2KuMRaS450hROMZ2zCLTo0BgFrDS Mjp/Fgk3h1o0JpEhk2wo/BFDoHgusXGYqcx/m6Q4khdctl7qP5PPPRfqn22Ewmd8 M6Uon1icIr9QFoAXDaaJpyK4Q9YsdouinnkmvYjUp4eTv9YbanqyRvI5tA/1anaf t4Rs9w3z26kGteTLa/eOhlrP+zvUi3ws27HbV66suTfJ0e3UY01jHVE7jpsVlLSB za/WifUlKzvKDepg0Ci1oig3wF19oK+G9meqEWx2MOjuMKKY8Wt+nvic8YDGVn6G 6oCVjuscxITCWzhE9XVpvEWhLDxDdwk2vCRn8fe/h+CumSFmhVpwaeGX3OD4rj+P f/0FcVQyf+M03gRMLEHKWFt7l5BMhyh24CRV+0NMfvBq817OZxJtquIUWT2UbhJS E4f6VL2sqTIEDlGfDyUk9Zpp41ce7RR+zpKk2N+apILBTkbCuGJjPqcgIsTZt00l 5S4eGUqB9mwzJg1XPKTiADjx0vD0Gb+ZMg9Tukjd3TJc7b6Pa3vpkW68+aRFNtgI iUl/rp8i65sGVjxyHMHF6uxl5LTNd+30C4fkDekCPoY28oUWsxA=
    =kkuT
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)