jetty9 (9.4.54-1)
[PTS] [DDPO]
OK: VCS matches the version in the archive
- Git: https://salsa.debian.org/java-team/jetty9.git
-
- Branch: master
- Path: debian/changelog
- Repo size: 1433600
- Browser: https://salsa.debian.org/java-team/jetty9
- Last scan: 2024-04-27 20:35:37+00
- Next scan: 2024-05-05 03:10:00+00
- Merge requests: 1
- Debian changelog in Git:
jetty9 (9.4.54-1) unstable; urgency=high
* Team upload.
* New upstream version 9.4.54.
- Fix CVE-2024-22201:
It was discovered that remote attackers may leave many HTTP/2 connections
in ESTABLISHED state (not closed), TCP congested and idle. Eventually the
server will stop accepting new connections from valid clients which can
cause a denial of service. (Closes: #1064923)
Thanks to Salvatore Bonaccorso for the report.
-- Markus Koschany <apo@debian.org> Sat, 06 Apr 2024 12:54:58 +0200
- This branch is even with tag debian/9.4.54-1