[Git][security-tracker-team/security-tracker][master] 2 commits: Track fixed version via unstable for CVE-2025-5115/jetty9

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b35dc006 by Salvatore Bonaccorso at 2025-09-07T08:51:10+02:00
Track fixed version via unstable for CVE-2025-5115/jetty9

- - - - -
9cb5400f by Salvatore Bonaccorso at 2025-09-07T08:53:01+02:00
Track fixed version via unstable for CVE-2025-5115/jetty12

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5225,8 +5225,8 @@ CVE-2025-5261 (Authorization Bypass Through User-Controlled Key vulnerability in
 CVE-2025-5260 (Server-Side Request Forgery (SSRF) vulnerability in Pik Online Yaz\u01 ...)
 	NOT-FOR-US: Pik Online Yazilim Cozumleri
 CVE-2025-5115 (In Eclipse Jetty, versions <=9.4.57, <=10.0.25, <=11.0.25, <=12.0.21,  ...)
-	- jetty12 <unfixed> (bug #1111765)
-	- jetty9 <unfixed> (bug #1111766)
+	- jetty12 12.0.17-3.1 (bug #1111765)
+	- jetty9 9.4.57-1.1 (bug #1111766)
 	- jetty <removed>
 	NOTE: https://github.com/jetty/jetty.project/security/advisories/GHSA-mmxm-8w33-wc4h
 	NOTE: https://github.com/jetty/jetty.project/pull/13449



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/d20ffb52e480a9b5bf47ef5f0e5da738d9181eed...9cb5400fbd9251ce78e574077a41012ddce35c71

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/d20ffb52e480a9b5bf47ef5f0e5da738d9181eed...9cb5400fbd9251ce78e574077a41012ddce35c71
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250907/5d86499f/attachment-0001.htm>