UbuntuUpdates.org

Package "jetty"

Name: jetty

Description:

Java servlet engine and webserver
Latest version: 6.1.26-1ubuntu1.2
Release: trusty (14.04)
Level: updates
Repository: universe
Homepage: http://jetty.mortbay.com/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "jetty"

All arch deb package
APT INSTALL

Other versions of "jetty" in Trusty

Repository Area Version
base universe 6.1.26-1ubuntu1
security universe 6.1.26-1ubuntu1.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 6.1.26-1ubuntu1.2 2019-01-30 21:06:55 UTC

  jetty (6.1.26-1ubuntu1.2) trusty-security; urgency=medium

  * SECURITY UPDATE: Possible Timing Attack.
    - debian/patches/CVE-2017-9735.patch: A timing channel in Password.java.
    - CVE-2017-9735

 -- Eduardo Barretto <email address hidden> Wed, 30 Jan 2019 13:43:03 -0200
Source diff to previous version
CVE-2017-9735 Jetty through 9.4.x is prone to a timing channel in util/security/Password.java, which makes it easier for remote attackers to obtain access by obser

Version: 6.1.26-1ubuntu1.1 2015-04-16 18:06:20 UTC

  jetty (6.1.26-1ubuntu1.1) trusty; urgency=medium

  * Depend on tomcat7 (LP: #1286779)
    - Fixed by taking the tomcat-related part of the changes in 6.1.26-2.
    - Effectively this means the rules files as it was in
      http://anonscm.debian.org/viewvc/pkg-java?view=revision&revision=18019
      and control file as it was in
      http://anonscm.debian.org/viewvc/pkg-java?view=revision&revision=18019
      The other changes in 6.1.26-2 seemed unrelated to tomcat so I have not
      included them in order to keep the patch to a bare minimum.
 -- Hans Joachim Desserud <email address hidden> Sun, 21 Sep 2014 21:25:56 +0200
1286779 Please migrate libjetty-extra-java to tomcat7


About   -   Send Feedback to @ubuntu_updates