OBS-URL: https://build.opensuse.org/package/show/Java:packages/jetty-minimal?expand=0&rev=34

2021-06-09 14:50:38 +00:00 · 2021-06-09 14:50:38 +00:00 · f7cb78b6c4
commit f7cb78b6c4
parent 52c32ee859
2 changed files with 10 additions and 10 deletions
--- a/jetty-minimal.changes
+++ b/jetty-minimal.changes
@ -8,11 +8,11 @@ Wed Jun  9 14:07:47 UTC 2021 - Fridrich Strba <fstrba@suse.com>
 Fri May 14 17:01:58 UTC 2021 - Ferdinand Thiessen <rpm@fthiessen.de>

 - Update to version 9.4.40.v20210413
-  * Fix: CVE-2021-28165 - jetty server high CPU when client send
-    data length > 17408
-  * Fix: CVE-2021-28164 - Normalize ambiguous URIs
-  * Fix: CVE-2021-28163 - Exclude webapps directory from deployment
-    scan
+  * Fix: bsc#1184367 CVE-2021-28165 - jetty server high CPU when
+    client send data length > 17408
+  * Fix: bsc#1184368 CVE-2021-28164 - Normalize ambiguous URIs
+  * Fix: bsc#1184366, CVE-2021-28163 - Exclude webapps directory
+    from deployment scan

 -------------------------------------------------------------------
 Fri Mar 12 11:11:07 UTC 2021 - Fridrich Strba <fstrba@suse.com>
--- a/jetty-websocket.changes
+++ b/jetty-websocket.changes
@ -8,11 +8,11 @@ Wed Jun  9 14:07:47 UTC 2021 - Fridrich Strba <fstrba@suse.com>
 Fri May 14 16:57:01 UTC 2021 - Ferdinand Thiessen <rpm@fthiessen.de>

 - Update to version 9.4.40.v20210413
-  * Fix: CVE-2021-28165 - jetty server high CPU when client send
-    data length > 17408
-  * Fix: CVE-2021-28164 - Normalize ambiguous URIs
-  * Fix: CVE-2021-28163 - Exclude webapps directory from deployment
-    scan
+  * Fix: bsc#1184367 CVE-2021-28165 - jetty server high CPU when
+    client send data length > 17408
+  * Fix: bsc#1184368 CVE-2021-28164 - Normalize ambiguous URIs
+  * Fix: bsc#1184366, CVE-2021-28163 - Exclude webapps directory
+    from deployment scan
  * Improve handling of unconsumed content
  * Jetty start.jar always reports jetty.tag.version as master
  * HttpConnection.getBytesIn() incorrect for requests with chunked