[Git][security-tracker-team/security-tracker][master] Revert "CVE-2021-28165/jetty9: stretch not-affected"

[Sylvain Beucler]

Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ed434dea by Sylvain Beucler at 2021-05-04T18:50:28+02:00
Revert "CVE-2021-28165/jetty9: stretch not-affected"

This reverts commit 369b750e0e56ae70a90f5aa1435f91e5ece6e342.

Requires further examination.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -8768,10 +8768,8 @@ CVE-2021-28166 (In Eclipse Mosquitto version 2.0.0 to 2.0.9, if an authenticated
 	NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=572608
 CVE-2021-28165 (In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0. ...)
 	- jetty9 9.4.39-1
-	[stretch] - jetty9 <not-affected> (Vulnerable code introduced later)
 	NOTE: https://github.com/eclipse/jetty.project/security/advisories/GHSA-26vr-8j45-3r4w
 	NOTE: https://github.com/eclipse/jetty.project/issues/6072
-	NOTE: Introduced by https://github.com/eclipse/jetty.project/commit/17b6eee5aca00460913a2b7847325b6e3df39fd2 (v9.4.12)
 CVE-2021-28164 (In Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224, the default com ...)
 	- jetty9 9.4.39-1
 	NOTE: https://github.com/eclipse/jetty.project/security/advisories/GHSA-v7ff-8wcx-gmc5



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed434deac9236c8be0bb0300adaeaff2b70f8036

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed434deac9236c8be0bb0300adaeaff2b70f8036
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210504/48f60cdc/attachment.htm>