Your message dated Wed, 23 Dec 2009 17:38:34 +0000
with message-id <e1nnvaq-0000ax...@ries.debian.org>
and subject line Bug#553644: fixed in jetty 6.1.22-1
has caused the Debian Bug report #553644,
regarding jetty: multiple vulnerabilities
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
553644: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=553644
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: jetty
Severity: grave
Tags: security
Hi,
Multiple vulnerabilities have been discovered in jetty 6.x and 7.x.
The original advisory can be found at
http://www.ush.it/team/ush/hack-jetty6x7x/jetty-adv.txt
When you fix this issue, please mention the CVE ids in the changelog, if they
are assigned before the issues are fixed.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--- End Message ---
--- Begin Message ---
Source: jetty
Source-Version: 6.1.22-1
We believe that the bug you reported is fixed in the latest version of
jetty, which is due to be installed in the Debian FTP archive:
jetty_6.1.22-1.diff.gz
to main/j/jetty/jetty_6.1.22-1.diff.gz
jetty_6.1.22-1.dsc
to main/j/jetty/jetty_6.1.22-1.dsc
jetty_6.1.22-1_all.deb
to main/j/jetty/jetty_6.1.22-1_all.deb
jetty_6.1.22.orig.tar.gz
to main/j/jetty/jetty_6.1.22.orig.tar.gz
libjetty-extra-java_6.1.22-1_all.deb
to main/j/jetty/libjetty-extra-java_6.1.22-1_all.deb
libjetty-extra_6.1.22-1_i386.deb
to main/j/jetty/libjetty-extra_6.1.22-1_i386.deb
libjetty-java-doc_6.1.22-1_all.deb
to main/j/jetty/libjetty-java-doc_6.1.22-1_all.deb
libjetty-java_6.1.22-1_all.deb
to main/j/jetty/libjetty-java_6.1.22-1_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 553...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Pablo Duboue <pablo.dub...@gmail.com> (supplier of updated jetty package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sun, 13 Dec 2009 1:55:00 -0400
Source: jetty
Binary: libjetty-java libjetty-java-doc libjetty-extra-java libjetty-extra jetty
Architecture: source all i386
Version: 6.1.22-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Java Maintainers
<pkg-java-maintain...@lists.alioth.debian.org>
Changed-By: Pablo Duboue <pablo.dub...@gmail.com>
Description:
jetty - Java servlet engine and webserver
libjetty-extra - Java servlet engine and webserver -- extra libraries
libjetty-extra-java - Java servlet engine and webserver -- extra libraries
libjetty-java - Java servlet engine and webserver -- core libraries
libjetty-java-doc - Javadoc for the Jetty API
Closes: 553644 554877 558187
Changes:
jetty (6.1.22-1) unstable; urgency=medium
.
* New upstream release. (Closes: #553644)
* Added OSGi bundle metadata (by upstream). (Closes: #558187)
* Corrected path to jetty web-apps (by Niels Thykier). (Closes: #554877)
Checksums-Sha1:
119170287919c0489851b03c9176750ddb310f29 1613 jetty_6.1.22-1.dsc
63c9fbb4d9120f38bd6f0e236d017d8f8875064d 2072522 jetty_6.1.22.orig.tar.gz
84f552a02abc35b618aa7fca4f3e0f91b3f7d575 20966 jetty_6.1.22-1.diff.gz
9a362056fd8cc53571479d331dce50f13c5a36f0 777344 libjetty-java_6.1.22-1_all.deb
3ec9ec46459327a7566948a7113f214a575c8883 752486
libjetty-java-doc_6.1.22-1_all.deb
abbe4315c566fb30a009cf62a9d6d3b3f17bab39 263476
libjetty-extra-java_6.1.22-1_all.deb
ee968274d9c925bb24295de0196c145869899813 851778 jetty_6.1.22-1_all.deb
adcdb8c3be8a5d6a12bd88f448ef3a5b7e61e4c0 64754 libjetty-extra_6.1.22-1_i386.deb
Checksums-Sha256:
2f18db5852c2282a041e313d6374edc71d050c5d27b418ee6f0125cdbb034d6a 1613
jetty_6.1.22-1.dsc
4993b3462c2745ac7e4e2ef2a2955028c0a7421fcba3af99dc1922881bbc9a72 2072522
jetty_6.1.22.orig.tar.gz
fe076df66fd3a9f4e22bbf15bc0bfc00ca139eb0e61cc28c4900e16bffaa020a 20966
jetty_6.1.22-1.diff.gz
27b832dec9e006abeb4344ec234b52553265443206d783b9ba3c4a9fdb3ad770 777344
libjetty-java_6.1.22-1_all.deb
5bd4ed88644dac2f42abff68cce47d86b6e6ce8af5f565fd652469302e3f9866 752486
libjetty-java-doc_6.1.22-1_all.deb
8724ff773e7231b77865351a40973592420f9656171c1b1a74a317ab81f9b640 263476
libjetty-extra-java_6.1.22-1_all.deb
5b64a6cecdd4f71d8d3e7b9b95597fb5cf3cf1c3371cf05ec6a841150d61f482 851778
jetty_6.1.22-1_all.deb
754cece8afc00a5204e1ad5670b0b7ca167fda84a124fc85295809802e428be8 64754
libjetty-extra_6.1.22-1_i386.deb
Files:
8a1b93f484cd70ddea91839513edfed0 1613 java optional jetty_6.1.22-1.dsc
0148bf365f67344f06ea37eb032a0a8d 2072522 java optional jetty_6.1.22.orig.tar.gz
db273174dcb8390fddc33d559fc1aaf9 20966 java optional jetty_6.1.22-1.diff.gz
8bc4ed5e0bd8a481fab60352052a939a 777344 java optional
libjetty-java_6.1.22-1_all.deb
112060c5f81cafd72ae03eec2944897d 752486 doc optional
libjetty-java-doc_6.1.22-1_all.deb
5d54be91810baed0d3b8d949df773017 263476 java optional
libjetty-extra-java_6.1.22-1_all.deb
29ba9bb66dc5d6bc89075d2dcad1b1b0 851778 java optional jetty_6.1.22-1_all.deb
f79ae2f1618922d771306aade0a33433 64754 libs optional
libjetty-extra_6.1.22-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAksyULAACgkQ5ItltUs5T34wkgCfQ9VbEyoBK7NEbGfBhfyDY1On
JXgAoMYz/3aS5VBSm0k/ETey6/i/UQDz
=0V3N
-----END PGP SIGNATURE-----
--- End Message ---
