[Git][security-tracker-team/security-tracker][master] Reference directly upstream commits for CVE-2025-11143

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ddeed669 by Salvatore Bonaccorso at 2026-03-16T20:58:33+01:00
Reference directly upstream commits for CVE-2025-11143

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4573,8 +4573,9 @@ CVE-2025-11143 (The Jetty URI parser has some key differences to other common pa
 	- jetty9 <unfixed>
 	- jetty <removed>
 	NOTE: https://github.com/jetty/jetty.project/security/advisories/GHSA-wjpw-4j6x-6rwh
-	NOTE: Fixed by: https://github.com/jetty/jetty.project/pull/14014 (jetty-12.1.x)
-	NOTE: Fixed by: https://github.com/jetty/jetty.project/pull/14011 (jetty-9.4.x)
+	NOTE: Fixed by: https://github.com/jetty/jetty.project/commit/28d9af2a2a3346d7edd35e3b6372a68c5a3be4a5 (jetty-12.1.5)
+	NOTE: Fixed by: https://github.com/jetty/jetty.project/commit/553b59eff83461a7e488e592bcc3bb958a76f13f (jetty-12.0.31)
+	NOTE: Fixed by: https://github.com/jetty/jetty.project/commit/89d2ac7c7792e51cd4b5b633f249fc4c32e5c67b (jetty-9.4.x)
 CVE-2024-43035 (Fonoster 0.5.5 before 0.6.1 allows ../ directory traversal to read arb ...)
 	NOT-FOR-US: Fonoster
 CVE-2026-3523 (The Apocalypse Meow plugin for WordPress is vulnerable to SQL Injectio ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ddeed6690d35189fd8e369f8a01f74c2312b3cba

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ddeed6690d35189fd8e369f8a01f74c2312b3cba
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260316/c6891426/attachment-0001.htm>