| Release | Version |
|---|---|
| stretch (security) | 9.2.21-1+deb9u1 |
| buster | 9.4.14-1 |
| sid | 9.4.14-1 |
| Bug | stretch | buster | sid | Description |
|---|---|---|---|---|
| CVE-2018-12536 | vulnerable (no DSA, ignored) | fixed | fixed | In Eclipse Jetty Server, all 9.x versions, on webapps deployed using ... |
| CVE-2017-9735 | vulnerable (no DSA, ignored) | fixed | fixed | Jetty through 9.4.x is prone to a timing channel in ... |
| Bug | Description |
|---|---|
| CVE-2018-12538 | In Eclipse Jetty versions 9.4.0 through 9.4.8, when using the optional ... |
| CVE-2017-7658 | In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non ... |
| CVE-2017-7657 | In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all ... |
| CVE-2017-7656 | In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all ... |
| CVE-2016-4800 | The path normalization mechanism in PathResource class in Eclipse ... |
| DSA / DLA | Description |
|---|---|
| DSA-4278-1 | jetty9 - security update |