Bug 21533

Summary: jetty new security issue CVE-2017-9735
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Nicolas Lécureuil <mageia>
Status: RESOLVED OLD QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: geiger.david68210
Version: 5   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Source RPM: jetty-9.2.1-4.mga5.src.rpm CVE:
Status comment:
Bug Depends on: 21202    
Bug Blocks:    

Description David Walser 2017-08-14 14:22:39 CEST 
+++ This bug was initially created as a clone of Bug #21202 +++

Fedora has issued an advisory on July 7:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/QULQK5DU63QRYEWLVC6QZWASFQFSPFMD/

The issue is fixed upstream in the following versions:
jetty-9.4.6.v20170531
jetty-9.3.20.v20170531
jetty-9.2.22.v20170606

Mageia 5 is also affected.
Comment 1 David Walser 2017-12-27 05:08:27 CET 
We won't be fixing this type of package for Mageia 5.

Status: NEW => RESOLVED
Resolution: (none) => OLD