[Git][security-tracker-team/security-tracker][master] Track fixed version for some jetty9 issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Sep 24 14:48:18 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a3a8e571 by Salvatore Bonaccorso at 2023-09-24T15:43:31+02:00
Track fixed version for some jetty9 issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -663,7 +663,7 @@ CVE-2023-42336 (An issue in NETIS SYSTEMS WF2409Ev4 v.1.0.1.705 allows a remote
 CVE-2023-41901
 	REJECTED
 CVE-2023-41900 (Jetty is a Java based web server and servlet engine. Versions 9.4.21 t ...)
-	- jetty9 <unfixed>
+	- jetty9 9.4.52-1
 	NOTE: https://github.com/eclipse/jetty.project/security/advisories/GHSA-pwh8-58vv-vw48
 	NOTE: https://github.com/eclipse/jetty.project/pull/9528 (10.0.16, 11.0.16)
 	NOTE: https://github.com/eclipse/jetty.project/pull/9660 (9.4.52)
@@ -807,7 +807,7 @@ CVE-2023-40868 (Cross Site Request Forgery vulnerability in mooSocial MooSocial
 CVE-2023-40588 (Discourse is an open-source discussion platform. Prior to version 3.1. ...)
 	NOT-FOR-US: Discourse
 CVE-2023-40167 (Jetty is a Java based web server and servlet engine. Prior to versions ...)
-	- jetty9 <unfixed>
+	- jetty9 9.4.52-1
 	NOTE: https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6
 CVE-2023-40019 (FreeSWITCH is a Software Defined Telecom Stack enabling the digital tr ...)
 	- freeswitch <itp> (bug #389591)
@@ -33143,13 +33143,13 @@ CVE-2023-26050
 	RESERVED
 CVE-2023-26049 (Jetty is a java based web server and servlet engine. Nonstandard cooki ...)
 	[experimental] - jetty9 9.4.51-1
-	- jetty9 <unfixed>
+	- jetty9 9.4.52-1
 	NOTE: https://github.com/eclipse/jetty.project/security/advisories/GHSA-p26g-97m4-6q7c
 	NOTE: https://github.com/eclipse/jetty.project/pull/9339
 	NOTE: https://github.com/eclipse/jetty.project/pull/9352
 CVE-2023-26048 (Jetty is a java based web server and servlet engine. In affected versi ...)
 	[experimental] - jetty9 9.4.51-1
-	- jetty9 <unfixed>
+	- jetty9 9.4.52-1
 	NOTE: https://github.com/eclipse/jetty.project/security/advisories/GHSA-qw69-rqj8-6qw8
 	NOTE: https://github.com/eclipse/jetty.project/issues/9076
 	NOTE: https://github.com/eclipse/jetty.project/pull/9344



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a3a8e5711d29a77ed8881659f876b5201ec9b57f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a3a8e5711d29a77ed8881659f876b5201ec9b57f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230924/e1796c0e/attachment.htm>

More information about the debian-security-tracker-commits mailing list