21533 – jetty new security issue CVE-2017-9735

Bug 21533 - jetty new security issue CVE-2017-9735

Summary: jetty new security issue CVE-2017-9735

Status:	RESOLVED OLD

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	5
Hardware:	All Linux

Priority:	Normal Severity: normal
Target Milestone:	---
Assignee:	Nicolas Lécureuil
QA Contact:	Sec team

URL:
Whiteboard:
Keywords:

Depends on:	21202
Blocks:
	Show dependency tree / graph

Reported:	2017-08-14 14:22 CEST by David Walser
Modified:	2017-12-27 05:08 CET (History)
CC List:	1 user (show)

See Also:
Source RPM:	jetty-9.2.1-4.mga5.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2017-08-14 14:22:39 CEST

+++ This bug was initially created as a clone of Bug #21202 +++

Fedora has issued an advisory on July 7:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/QULQK5DU63QRYEWLVC6QZWASFQFSPFMD/

The issue is fixed upstream in the following versions:
jetty-9.4.6.v20170531
jetty-9.3.20.v20170531
jetty-9.2.22.v20170606

Mageia 5 is also affected.

Comment 1 David Walser 2017-12-27 05:08:27 CET

We won't be fixing this type of package for Mageia 5.

Status: NEW => RESOLVED
Resolution: (none) => OLD

Note You need to log in before you can comment on or make changes to this bug.