[Secure-testing-commits] r52623 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2017-06-16 18:53:42 +0000 (Fri, 16 Jun 2017)
New Revision: 52623

Modified:
   data/CVE/list
Log:
Add jetty9 issue, #864898

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-06-16 18:32:05 UTC (rev 52622)
+++ data/CVE/list	2017-06-16 18:53:42 UTC (rev 52623)
@@ -1,3 +1,10 @@
+CVE-2017-XXXX [timing channel in Password.java]
+	- jetty9 <unfixed> (bug #864898)
+	- jetty8 <removed>
+	- jetty <removed>
+	NOTE: https://github.com/eclipse/jetty.project/issues/1556
+	NOTE: https://github.com/eclipse/jetty.project/commit/f3751d70787fd8ab93932a51c60514c2eb37cb58
+	NOTE: https://github.com/eclipse/jetty.project/commit/2baa1abe4b1c380a30deacca1ed367466a1a62ea
 CVE-2017-9725
 	RESERVED
 CVE-2017-9724