[Git][security-tracker-team/security-tracker][master] Add CVE-2021-28169/jetty

Thu Jun 10 22:02:03 BST 2021


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1ca00086 by Salvatore Bonaccorso at 2021-06-10T23:01:30+02:00
Add CVE-2021-28169/jetty

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15076,7 +15076,10 @@ CVE-2021-28170 (In the Jakarta Expression Language implementation 3.0.3 and earl
 	NOTE: https://securitylab.github.com/advisories/GHSL-2020-021-jakarta-el/
 	NOTE: Only affects the EL reference implementation which isn't built into the binary packages
 CVE-2021-28169 (For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, i ...)
-	TODO: check
+	- jetty9 <unfixed>
+	- jetty8 <removed>
+	- jetty <removed>
+	NOTE: https://github.com/eclipse/jetty.project/security/advisories/GHSA-gwcr-j4wh-j3cq
 CVE-2021-28168 (Eclipse Jersey 2.28 to 2.33 and Eclipse Jersey 3.0.0 to 3.0.1 contains ...)
 	NOT-FOR-US: Eclipse Jersey
 CVE-2021-28167 (In Eclipse Openj9 to version 0.25.0, usage of the jdk.internal.reflect ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1ca000860856073019c590b1e95e3558d35d0f4b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1ca000860856073019c590b1e95e3558d35d0f4b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210610/f3a98c75/attachment.htm>
