Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 4278-1] jetty9 security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 4278-1] jetty9 security update


Chronologisch Thread 
    < Chronologisch >      < Thread >
  • From: Moritz Muehlenhoff <jmm AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 4278-1] jetty9 security update
  • Date: Sun, 19 Aug 2018 21:21:38 +0000
  • List-archive: https://lists.debian.org/msgid-search/20180819212138.k5z3bl5i3oubqnae AT seger.debian.org
  • List-id: <debian-security-announce.lists.debian.org>
  • List-url: <http://lists.debian.org/debian-security-announce/>
  • Old-return-path: <jmm AT seger.debian.org>
  • Priority: urgent
  • Resent-date: Sun, 19 Aug 2018 21:22:02 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <cKm-xhOyviP.A.AfH.69debB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4278-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
August 19, 2018 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : jetty9
CVE ID : CVE-2017-7656 CVE-2017-7657 CVE-2017-7658

Multiple vulnerabilities were discovered in Jetty, a Java servlet engine
and webserver which could result in HTTP request smuggling.

For the stable distribution (stretch), these problems have been fixed in
version 9.2.21-1+deb9u1.

We recommend that you upgrade your jetty9 packages.

For the detailed security status of jetty9 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/jetty9

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlt53v0ACgkQEMKTtsN8
TjYyKxAAswm/MFRXUeZlOzhiLwUgVUkCdzzKVvTc05ZDt0BjtGLztHF81wYD+E7Z
LTpu0fORl8KylydIDtLEzji6psuUmprhDdn28lxoHPH2YVuLOJ281v4JTo2HEkzL
oEdBbvy1jH35AUnP92y0QDidWMJfNhk9+9fJr7w9JUW6u10r1u6/ikHFJIc8eUmf
3i0brQSfplmaa0enX03MnPCmZTkkavFkkO14JF1BQT/TRyjgs5CH4vjp498sE9vy
1MyGf/KdSzom+G0qA1iYfTlNR7Bq3VQAcEgOVpnUk7stQ8+3xZC1OFAlC/9Q6Np1
TgBsvkGz5QA0CWlWh1qn0lxoQPtJD2t+2ttrA5Wk7alXJqTBGOHFZu0NjN2n+JSe
BvhtlqzQvDNwDotxlV1UrkFLYv5a0qSgRgFyN/7QpR/yeG09llHGaqPfHdZv9k3p
qBkhJPnVHAwADXySYa8ByC5mYewD/aB0e8toN0zwIUbpZFulbvUQcuH0eXdvrzkG
NxqIXcgSAhOAM6EKP4cLDh+fBN8tUH6wtnOZUNaekqeH4y7pubEqNeSeaJdO+6Sj
J6NAAI6/gMLAXT4ydZsJD5jiena0OfZuLOxvb10vZ3JLrplX+unWuuJbsJi/Kw1u
ZI/uKmlcvInuwslWliRzGtEg893O/M7Gn9FYPHhGZE9dvt9OibA=
=elW8
-----END PGP SIGNATURE-----


  • [IT-SecNots] [SECURITY] [DSA 4278-1] jetty9 security update, Moritz Muehlenhoff, 19.08.2018

Archiv bereitgestellt durch MHonArc 2.6.19.

Seitenanfang