Information on source package jetty9

Available versions

ReleaseVersion
stretch (security)9.2.21-1+deb9u1
buster9.4.15-1
sid9.4.15-1

Open issues

BugstretchbustersidDescription
CVE-2019-10247vulnerable (no DSA)vulnerable (no DSA)vulnerableIn Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, ...
CVE-2019-10241vulnerable (no DSA)vulnerable (no DSA)vulnerableIn Eclipse Jetty version 9.2.26 and older, 9.3.25 and older, and 9.4.1 ...
CVE-2018-12536vulnerable (no DSA, ignored)fixedfixedIn Eclipse Jetty Server, all 9.x versions, on webapps deployed using d ...
CVE-2017-9735vulnerable (no DSA, ignored)fixedfixedJetty through 9.4.x is prone to a timing channel in util/security/Pass ...

Resolved issues

BugDescription
CVE-2019-10246In Eclipse Jetty version 9.2.27, 9.3.26, and 9.4.16, the server runnin ...
CVE-2018-12545In Eclipse Jetty version 9.3.x and 9.4.x, the server is vulnerable to ...
CVE-2018-12538In Eclipse Jetty versions 9.4.0 through 9.4.8, when using the optional ...
CVE-2017-7658In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP ...
CVE-2017-7657In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations) ...
CVE-2017-7656In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations) ...
CVE-2016-4800The path normalization mechanism in PathResource class in Eclipse Jett ...

Security announcements

DSA / DLADescription
DSA-4278-1jetty9 - security update
Search for package or bug name: Reporting problems