Forum: >>> Magnum BBS <<<

Accepted jetty9 9.4.39-3+deb11u1 (source) into proposed-updates->stable

From Debian FTP Masters@21:1/5 to All on Sat Aug 6 23:10:02 2022

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 2 Aug 2022 12:04:18 CEST
Source: jetty9
Architecture: source
Version: 9.4.39-3+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Checksums-Sha1:
fcf0991cbaf0dce6c89dea761068d3488fdfafc3 2782 jetty9_9.4.39-3+deb11u1.dsc
00c84ba82fe5d5627b7c7a64c4cef9534c62ab13 11146440 jetty9_9.4.39.orig.tar.xz
27639c6352279dcf9181791f0541f8a6496469c1 44120 jetty9_9.4.39-3+deb11u1.debian.tar.xz
e07953c11d781ed3669b18f0af0d2f8b8847dbc6 18014 jetty9_9.4.39-3+deb11u1_amd64.buildinfo
Checksums-Sha256:
f2e4e59d6f0d30431a5fa19978dfba6451b231464b6bdb7e5b38f93b06089de8 2782 jetty9_9.4.39-3+deb11u1.dsc
8f59dbfd0663b23adca26a01914fa57e7a8cad27d595af457b4dda02d9cfefb3 11146440 jetty9_9.4.39.orig.tar.xz
055d73273a8d4e9b03354020361a6e347e3ef39d02accc044ca17ae69957dcc9 44120 jetty9_9.4.39-3+deb11u1.debian.tar.xz
18c2492744d0d9d9bb959a5d73de7f9e50676202b505fc815dfcd65537b4672b 18014 jetty9_9.4.39-3+deb11u1_amd64.buildinfo
Changes:
jetty9 (9.4.39-3+deb11u1) bullseye-security; urgency=high
.
* Team upload.
* Fix CVE-2022-2047:
In Eclipse Jetty the parsing of the authority segment of an http scheme
URI, the Jetty HttpURI class improperly detects an invalid input as a
hostname. This can lead to failures in a Proxy scenario.
* Fix CVE-2022-2048:
In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid
HTTP/2 request, the error handling has a bug that can wind up not properly
cleaning up the active connections and associated resources. This can lead
to a Denial of Service scenario where there are no enough resources left to
process good requests.
Files:
ff619dd334b3a046a9d7d6176d133945 2782 java optional jetty9_9.4.39-3+deb11u1.dsc
9be2d26f25e65b8d223d3546ee848ccc 11146440 java optional jetty9_9.4.39.orig.tar.xz
e63155b7c476f2490fbb6d834a82e572 44120 java optional jetty9_9.4.39-3+deb11u1.debian.tar.xz
b801c3913cbddf7ec50e1b1b9592b7ab 18014 java optional jetty9_9.4.39-3+deb11u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmLo9qdfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1HkyqwP/im00a1HgwpGiK6hUbw//BTY4L+05xXOFwHg 3o+wZmSrbe+3l1WY/6/AVSBp4keU3WKjy4NNa3TXoJpOVxKw0eN57eYzy+sc7wSJ 6fdkEWk1kPwgkUK1gDn18ihjFFaJ9/DRPO1859oKaEYq+F/zL4p0LmiQR3KqUGXH P1fJcSyRNsNkhcGaT3V03hx3cnXuUEXsVtCGBunhIZrm8WJVjC3KmW5XNA8aebNq HTJThWpf6CUUq2VyGd/VX3gOGB+xAhmsMtu9JpLe2LlF9ycda+m2fTb+JA7eI8K9 vEhriB2mVUQo3fs+lg9JpSsoNNE/GsHCWT3Gqc8rhoB0Ox7W5hWhVajqFlGlONIU wfooBPUuxVW8p7t1Nie1GKIYltF28/dn8L8oDDWlqTpkAf3OEBfzYvVcIr9nl1c3 GETqcjiIJBlzDX/XgcaQWE1gyXdGtU3HLrni2tp3eQOS0OO8C/qib2s3g/Aj38tR jEjlboNVzKiJBIwHpJvMwy//XVl1rlci0L0E9i1aAjFQGPX1V+5WoLEcfmeQH1zv x6Tm/wz8ZgU7dcWUSnKijJrLdC/T69TSfS5iQapnldMAK41P/PBs+bDBEwziBVl8 QtdZyDoi1xHz5YP1FwAZ/qAxuqtvSpC4Q5UorV9qD+WI7SU4XDsEFFSqURQHHFK1
Qrfqf5Op
=s7Iw
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Who's Online

System Info

Sysop:	Keyop
Location:	Huddersfield, West Yorkshire, UK
Users:	292
Nodes:	16 (2 / 14)
Uptime:	207:23:15
Calls:	6,618
Files:	12,168
Messages:	5,317,001

Accepted jetty9 9.4.39-3+deb11u1 (source) into proposed-updates->stable

Who's Online

System Info