[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DSA 4949-1] jetty9 security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4949-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
August 04, 2021                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : jetty9
CVE ID         : CVE-2019-10241 CVE-2019-10247 CVE-2020-27216 CVE-2020-27223 
                 CVE-2020-28165 CVE-2020-28169 CVE-2021-34428

Multiple vulnerabilities were discovered in Jetty, a Java servlet engine
and webserver which could result in cross-site scripting, information
disclosure, privilege escalation or denial of service.

For the stable distribution (buster), these problems have been fixed in
version 9.4.16-0+deb10u1.

We recommend that you upgrade your jetty9 packages.

For the detailed security status of jetty9 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/jetty9

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmELC8oACgkQEMKTtsN8
TjZxsg/+L9a9Soj91or7HujO/ZN3METABLUThcEXs5Pkjv7A7SIKaxPLQs4Y/ltJ
C9bDixpE7zSxM5RYmrEoRVH/FTbvrwE4VmIC2KuMRaS450hROMZ2zCLTo0BgFrDS
Mjp/Fgk3h1o0JpEhk2wo/BFDoHgusXGYqcx/m6Q4khdctl7qP5PPPRfqn22Ewmd8
M6Uon1icIr9QFoAXDaaJpyK4Q9YsdouinnkmvYjUp4eTv9YbanqyRvI5tA/1anaf
t4Rs9w3z26kGteTLa/eOhlrP+zvUi3ws27HbV66suTfJ0e3UY01jHVE7jpsVlLSB
za/WifUlKzvKDepg0Ci1oig3wF19oK+G9meqEWx2MOjuMKKY8Wt+nvic8YDGVn6G
6oCVjuscxITCWzhE9XVpvEWhLDxDdwk2vCRn8fe/h+CumSFmhVpwaeGX3OD4rj+P
f/0FcVQyf+M03gRMLEHKWFt7l5BMhyh24CRV+0NMfvBq817OZxJtquIUWT2UbhJS
E4f6VL2sqTIEDlGfDyUk9Zpp41ce7RR+zpKk2N+apILBTkbCuGJjPqcgIsTZt00l
5S4eGUqB9mwzJg1XPKTiADjx0vD0Gb+ZMg9Tukjd3TJc7b6Pa3vpkW68+aRFNtgI
iUl/rp8i65sGVjxyHMHF6uxl5LTNd+30C4fkDekCPoY28oUWsxA=
=kkuT
-----END PGP SIGNATURE-----


Reply to: