jetty9 9.2.25-1 source package in Ubuntu
Changelog
jetty9 (9.2.25-1) unstable; urgency=medium * Team upload. * New upstream release - Fixes CVE-2017-7656: A remote user can submit a specially crafted HTTP/0.9 request containing invalid request headers to cause Jetty and an upstream HTTP agent (such as an origin server or another proxy) to interpret the boundary of the HTTP request differently. As a result, a malicious request may be embedded within another request as processed by the subsequent system. This allows a remote user to potentially poison the cache. - Fixes CVE-2017-7657: A remote user can submit a specially crafted HTTP request containing invalid Chunked Transfer-Encoding headers to cause Jetty and an upstream HTTP agent (such as an origin server or another proxy) to interpret the boundary of the HTTP request differently. As a result, a malicious request may be embedded within another request as processed by the subsequent system. This allows a remote user to potentially poison the cache. - Fixes CVE-2017-7658: A remote user can submit a specially crafted HTTP request containing more than one Content-Length header to cause Jetty and an upstream HTTP agent (such as an origin server or another proxy) to interpret the boundary of the HTTP request differently. As a result, a malicious request may be embedded within another request as processed by the subsequent system. This allows a remote user to potentially poison the cache. * Compile with the --release parameter to preserve the compatibility with older JREs -- Emmanuel Bourg <email address hidden> Tue, 03 Jul 2018 14:31:51 +0200
Upload details
- Uploaded by:
- Debian Java Maintainers
- Uploaded to:
- Sid
- Original maintainer:
- Debian Java Maintainers
- Architectures:
- all
- Section:
- misc
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
jetty9_9.2.25-1.dsc | 2.4 KiB | f3eea5d3fd340436647f6bc05ea79003e1c7bb53f654d00a5237a239ae346df5 |
jetty9_9.2.25.orig.tar.xz | 7.1 MiB | 37ba13e64e3f5e0cabb7429807dc6c3008323654cf0c1002650cd2d9608f00ad |
jetty9_9.2.25-1.debian.tar.xz | 25.9 KiB | dd779621fc5186dfe8c6dbc8619d5990b7776a0aecb3a7e3b3caa9f1525d2df3 |
Available diffs
- diff from 9.2.24-1 to 9.2.25-1 (77.5 KiB)
No changes file available.
Binary packages built by this source
- jetty9: No summary available for jetty9 in ubuntu cosmic.
No description available for jetty9 in ubuntu cosmic.
- libjetty9-extra-java: No summary available for libjetty9-extra-java in ubuntu cosmic.
No description available for libjetty9-
extra-java in ubuntu cosmic.
- libjetty9-java: No summary available for libjetty9-java in ubuntu cosmic.
No description available for libjetty9-java in ubuntu cosmic.