[Git][security-tracker-team/security-tracker][master] Reserve DLA-4106-1 for jetty9

[Markus Koschany (@apo)]

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5a3a8b3a by Markus Koschany at 2025-04-01T23:29:36+02:00
Reserve DLA-4106-1 for jetty9

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[01 Apr 2025] DLA-4106-1 jetty9 - security update
+	{CVE-2024-6762 CVE-2024-8184 CVE-2024-9823}
+	[bullseye] - jetty9 9.4.57-0+deb11u1
 [01 Apr 2025] DLA-4105-1 tzdata - new timezone database
 	[bullseye] - tzdata 2025b-0+deb11u1
 [01 Apr 2025] DLA-4104-1 freetype - security update


=====================================
data/dla-needed.txt
=====================================
@@ -118,11 +118,6 @@ ipmctl
   NOTE: 20250112: Added by Front-Desk (ta)
   NOTE: 20250217: I wasn't able to determine a patch for CVE-2023-27517 for any of the series (dleidert)
 --
-jetty9
-  NOTE: 20241110: Added by Front-Desk (apo)
-  NOTE: 20250224: Update is ready based on 9.4.56. Intend to mark CVE-2024-6763 and CVE-2024-6763
-  NOTE: 20250224: as ignored. Feature is either deprecated, not a Jetty server problem or can be worked around.
---
 jinja2 (kanashiro)
   NOTE: 20250105: Added by Front-Desk (apo)
   NOTE: 20250122: Updated sid, waiting for ci.debian.net results.  (spwhitton)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5a3a8b3a4649845582f53a5c98d7d28e6a5dd2f9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5a3a8b3a4649845582f53a5c98d7d28e6a5dd2f9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250401/c103bd77/attachment-0001.htm>