UbuntuUpdates.org

Package "libjetty-extra"

Name: libjetty-extra

Description:

Java servlet engine and webserver -- extra libraries

Latest version: 6.1.26-5ubuntu0.1
Release: xenial (16.04)
Level: security
Repository: universe
Head package: jetty
Homepage: http://jetty.mortbay.com

Links


Download "libjetty-extra"


Other versions of "libjetty-extra" in Xenial

Repository Area Version
base universe 6.1.26-5
updates universe 6.1.26-5ubuntu0.1

Changelog

Version: 6.1.26-5ubuntu0.1 2019-01-30 20:06:57 UTC

  jetty (6.1.26-5ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: Possible Timing Attack.
    - debian/patches/CVE-2017-9735.patch: A timing channel in Password.java.
    - CVE-2017-9735

 -- Eduardo Barretto <email address hidden> Wed, 30 Jan 2019 13:45:11 -0200

CVE-2017-9735 Jetty through 9.4.x is prone to a timing channel in util/security/Password.java, which makes it easier for remote attackers to obtain access by obser



About   -   Send Feedback to @ubuntu_updates