Bug 23319 - jetty new security issues CVE-2017-7656, CVE-2017-7657, CVE-2017-7658, CVE-2018-12538
Summary: jetty new security issues CVE-2017-7656, CVE-2017-7657, CVE-2017-7658, CVE-20...
Status: RESOLVED OLD
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 6
Hardware: All Linux
Priority: Normal major
Target Milestone: ---
Assignee: Java Stack Maintainers
QA Contact: Sec team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2018-07-17 15:47 CEST by David Walser
Modified: 2019-11-06 13:33 CET (History)
1 user (show)

See Also:
Source RPM: jetty-9.4.6-1.v20170531.2.mga7.src.rpm
CVE:
Status comment:


Attachments

Description David Walser 2018-07-17 15:47:57 CEST
Fedora has issued an advisory on July 12:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/OTGKQOGG6ULYU675RIQBC33RQNIKYLVI/

The issues are fixed upstream in 9.4.11.

Mageia 5 (all except CVE-2018-12538) and Mageia 6 are also affected.

Please also have a look at Bug 8592 for this package.
David Walser 2018-07-17 15:48:06 CEST

Whiteboard: (none) => MGA6TOO

Comment 1 David Walser 2019-01-01 04:36:22 CET
Updated in Cauldron by David Geiger, currently at 9.4.14.

Version: Cauldron => 6
Whiteboard: MGA6TOO => (none)

Comment 2 Mike Rambo 2019-11-06 13:33:42 CET
Mageia 6 is EOL.

Resolution: (none) => OLD
Status: NEW => RESOLVED
CC: (none) => mrambo


Note You need to log in before you can comment on or make changes to this bug.