Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits: 43939778 by Markus Koschany at 2025-04-01T19:39:25+02:00 CVE-2024-6762,jetty9: fixed in trixie and unstable since 9.4.54-1 This issue has been addressed in 9.4.54-1 by deprecating PushCacheFilter and PushSessionCacheFilter. I believe the warning is sufficient and no reverse-dependency is negatively affected by it. https://github.com/jetty/jetty.project/pull/9716 https://github.com/jetty/jetty.project/pull/10756 - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -53317,7 +53317,7 @@ CVE-2024-6763 (Eclipse Jetty is a lightweight, highly scalable, Java-based web s NOTE: https://github.com/jetty/jetty.project/security/advisories/GHSA-qh8g-58pp-2wxh NOTE: https://github.com/jetty/jetty.project/pull/12012 CVE-2024-6762 (Jetty PushSessionCacheFilter can be exploited by unauthenticated users ...) - - jetty9 <unfixed> (bug #1085697) + - jetty9 9.4.54-1 (bug #1085697) - jetty <removed> NOTE: https://github.com/jetty/jetty.project/security/advisories/GHSA-r7m4-f9h5-gr79 NOTE: https://github.com/jetty/jetty.project/pull/9715 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/43939778a8192dc09f0871af701cb8204bde9b3b -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/43939778a8192dc09f0871af701cb8204bde9b3b You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
