[Git][security-tracker-team/security-tracker][master] Update fixed version for CVE-2024-9823

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1cd08092 by Salvatore Bonaccorso at 2024-10-19T17:49:17+02:00
Update fixed version for CVE-2024-9823

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1336,10 +1336,11 @@ CVE-2024-9936 (When manipulating the selection node cache, an attacker may have
 	- firefox 131.0.3-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-53/#CVE-2024-9936
 CVE-2024-9823 (There exists a security vulnerability in Jetty's DosFilter which can b ...)
-	- jetty9 9.4.56-1
+	- jetty9 9.4.54-1
 	- jetty <removed>
-	NOTE: https://github.com/jetty/jetty.project/security/advisories/GHSA-g8m5-722r-8whq
-	NOTE: https://github.com/jetty/jetty.project/pull/11723
+	NOTE: https://github.com/jetty/jetty.project/security/advisories/GHSA-7hcf-ppf8-5w5h
+	NOTE: https://github.com/jetty/jetty.project/issues/1256
+	NOTE: https://github.com/jetty/jetty.project/pull/10748
 CVE-2024-9139 (The affected product permits OS command injection through improperly r ...)
 	NOT-FOR-US: Moxa
 CVE-2024-9137 (The affected product lacks an authentication check when sending comman ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1cd08092c992158482351678eef2abcedb3fc639

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1cd08092c992158482351678eef2abcedb3fc639
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241019/b9547c7b/attachment.htm>