jetty9_9.4.39-3+deb11u1_source.changes ACCEPTED into proposed-updates->stable-new
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Tue Aug 2 12:04:39 BST 2022
Mapping stable-security to proposed-updates.
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 2 Aug 2022 12:04:18 CEST
Source: jetty9
Architecture: source
Version: 9.4.39-3+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Debian Java Maintainers <pkg-java-maintainers at lists.alioth.debian.org>
Changed-By: Markus Koschany <apo at debian.org>
Checksums-Sha1:
fcf0991cbaf0dce6c89dea761068d3488fdfafc3 2782 jetty9_9.4.39-3+deb11u1.dsc
00c84ba82fe5d5627b7c7a64c4cef9534c62ab13 11146440 jetty9_9.4.39.orig.tar.xz
27639c6352279dcf9181791f0541f8a6496469c1 44120 jetty9_9.4.39-3+deb11u1.debian.tar.xz
e07953c11d781ed3669b18f0af0d2f8b8847dbc6 18014 jetty9_9.4.39-3+deb11u1_amd64.buildinfo
Checksums-Sha256:
f2e4e59d6f0d30431a5fa19978dfba6451b231464b6bdb7e5b38f93b06089de8 2782 jetty9_9.4.39-3+deb11u1.dsc
8f59dbfd0663b23adca26a01914fa57e7a8cad27d595af457b4dda02d9cfefb3 11146440 jetty9_9.4.39.orig.tar.xz
055d73273a8d4e9b03354020361a6e347e3ef39d02accc044ca17ae69957dcc9 44120 jetty9_9.4.39-3+deb11u1.debian.tar.xz
18c2492744d0d9d9bb959a5d73de7f9e50676202b505fc815dfcd65537b4672b 18014 jetty9_9.4.39-3+deb11u1_amd64.buildinfo
Changes:
jetty9 (9.4.39-3+deb11u1) bullseye-security; urgency=high
.
* Team upload.
* Fix CVE-2022-2047:
In Eclipse Jetty the parsing of the authority segment of an http scheme
URI, the Jetty HttpURI class improperly detects an invalid input as a
hostname. This can lead to failures in a Proxy scenario.
* Fix CVE-2022-2048:
In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid
HTTP/2 request, the error handling has a bug that can wind up not properly
cleaning up the active connections and associated resources. This can lead
to a Denial of Service scenario where there are no enough resources left to
process good requests.
Files:
ff619dd334b3a046a9d7d6176d133945 2782 java optional jetty9_9.4.39-3+deb11u1.dsc
9be2d26f25e65b8d223d3546ee848ccc 11146440 java optional jetty9_9.4.39.orig.tar.xz
e63155b7c476f2490fbb6d834a82e572 44120 java optional jetty9_9.4.39-3+deb11u1.debian.tar.xz
b801c3913cbddf7ec50e1b1b9592b7ab 18014 java optional jetty9_9.4.39-3+deb11u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmLo9qdfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkyqwP/im00a1HgwpGiK6hUbw//BTY4L+05xXOFwHg
3o+wZmSrbe+3l1WY/6/AVSBp4keU3WKjy4NNa3TXoJpOVxKw0eN57eYzy+sc7wSJ
6fdkEWk1kPwgkUK1gDn18ihjFFaJ9/DRPO1859oKaEYq+F/zL4p0LmiQR3KqUGXH
P1fJcSyRNsNkhcGaT3V03hx3cnXuUEXsVtCGBunhIZrm8WJVjC3KmW5XNA8aebNq
HTJThWpf6CUUq2VyGd/VX3gOGB+xAhmsMtu9JpLe2LlF9ycda+m2fTb+JA7eI8K9
vEhriB2mVUQo3fs+lg9JpSsoNNE/GsHCWT3Gqc8rhoB0Ox7W5hWhVajqFlGlONIU
wfooBPUuxVW8p7t1Nie1GKIYltF28/dn8L8oDDWlqTpkAf3OEBfzYvVcIr9nl1c3
GETqcjiIJBlzDX/XgcaQWE1gyXdGtU3HLrni2tp3eQOS0OO8C/qib2s3g/Aj38tR
jEjlboNVzKiJBIwHpJvMwy//XVl1rlci0L0E9i1aAjFQGPX1V+5WoLEcfmeQH1zv
x6Tm/wz8ZgU7dcWUSnKijJrLdC/T69TSfS5iQapnldMAK41P/PBs+bDBEwziBVl8
QtdZyDoi1xHz5YP1FwAZ/qAxuqtvSpC4Q5UorV9qD+WI7SU4XDsEFFSqURQHHFK1
Qrfqf5Op
=s7Iw
-----END PGP SIGNATURE-----
Thank you for your contribution to Debian.
More information about the pkg-java-maintainers
mailing list