Overview

File _patchinfo of Package patchinfo.38862

<patchinfo incident="38862">
  <issue tracker="cve" id="2024-6763"/>
  <issue tracker="cve" id="2024-13009"/>
  <issue tracker="bnc" id="1243271">VUL-0: CVE-2024-13009: jetty-minimal: jetty-server: Gzip Request Body Buffer Corruption</issue>
  <issue tracker="bnc" id="1231652">VUL-0: CVE-2024-6763: jetty-minimal, jetty-websocket: org.eclipse.jetty:jetty-http: jetty: the HttpURI class does insufficient validation on the authority segment of a URI</issue>
  <packager>fstrba</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for jetty-minimal</summary>
  <description>This update for jetty-minimal fixes the following issues:

Upgrade to version 9.4.57.v20241219

- CVE-2024-6763: the HttpURI class does insufficient validation on the authority segment of a URI (bsc#1231652)
- CVE-2024-13009: Gzip Request Body Buffer (bsc#1243271)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places