Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted jetty9 9.4.54-1 (source) into unstable
Date: Sat, 06 Apr 2024 11:20:05 +0000
Signed by: Markus Koschany <apo@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 06 Apr 2024 12:54:58 +0200
Source: jetty9
Architecture: source
Version: 9.4.54-1
Distribution: unstable
Urgency: high
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Closes: 1064923
Changes:
 jetty9 (9.4.54-1) unstable; urgency=high
 .
   * Team upload.
   * New upstream version 9.4.54.
     - Fix CVE-2024-22201:
       It was discovered that remote attackers may leave many HTTP/2 connections
       in ESTABLISHED state (not closed), TCP congested and idle. Eventually the
       server will stop accepting new connections from valid clients which can
       cause a denial of service. (Closes: #1064923)
       Thanks to Salvatore Bonaccorso for the report.
Checksums-Sha1:
 6f7ec9eca790dda15ebefa4cdef5ba1f5ec7cb70 2804 jetty9_9.4.54-1.dsc
 0916554e9ad12ec48e0a141e07012e263bbe7c4f 9877252 jetty9_9.4.54.orig.tar.xz
 646b89885eab28846d1430c9a442b6032eeb9f3f 30480 jetty9_9.4.54-1.debian.tar.xz
 970f196a4279d640f1eb04705566e5ac1112dc3b 19404 jetty9_9.4.54-1_amd64.buildinfo
Checksums-Sha256:
 674811a262d25aa3534275d44b009341eb1e37aef7a379a50954923f226a1124 2804 jetty9_9.4.54-1.dsc
 8fd58cfa055424cae97ce2dc7e2b5b717ff390e7aeecc72998c21a23bea9104c 9877252 jetty9_9.4.54.orig.tar.xz
 351edbed121652049c6fc83d49738884fc258d5bf72b7fcb1922b3a291b17748 30480 jetty9_9.4.54-1.debian.tar.xz
 f07de135abafc7e3d1ccbfdeaa568e1f80c70464cf42bb46d0f1b65bff2ff6b2 19404 jetty9_9.4.54-1_amd64.buildinfo
Files:
 55703a729cce7be9fcb0e2d2c656b1c5 2804 java optional jetty9_9.4.54-1.dsc
 e98515258f92ec2b1aea4f0d71167069 9877252 java optional jetty9_9.4.54.orig.tar.xz
 993e59e5b0225080b5381a18f2170bf6 30480 java optional jetty9_9.4.54-1.debian.tar.xz
 38794c89605a432b735a57df50e7a7be 19404 java optional jetty9_9.4.54-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmYRLABfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkimUQALrTr2l/4/E0FLy1vQUwIKe5NV3LkKT3yhtc
sDKrOKWaKb712hPhtX8uH6VNI1PJAMJsUODf6KsqVlGlBLn4TdI41a2hTsriNTBy
gyesprqXDWNUd7Iyr/Cf6ivD6R1qzZg+lswCK4xB4v2krW/vRhlAhZT6XdpBRO1c
idVhGNX6vja9idyiJfKMSEA/A6gEpUPxRTEvA3MR0Lo04dkSc0WY0MX5Cl7Y45Xv
gbVQP2JTpPRzY9atNDEbro2fl9lDRgW7ygblpMyiAJKcYjynC43kU80ulpp/2OgU
YYRWpra1DawotAg4SmWwtVtXxEJ/e53SpvWRp7pN7uRJkPy7HntgkOIIQGJ9FJae
prN9ae0CHZn1QIsiLonKrdjgKEIqHBl0D3bQzR9yDPb81BwesXF/n7qzpM1iuFZj
2mGZ5/gj76HjmVg6pb6LZXjLF+t4wfRg8mr1xARMxk5RZdbmAyNN5XQ/0ZmbGpvu
SaAvwJnjg4jUyE1/vXKX9ASX7DXjEpNq0RwHCcRXVTm9vInosKQUKnqSPNzKVE74
nPgY/KIKNe+E5t5LbcBqZ67ebI9LkQ5tOUNyVI4fLEFf3RgGdOMN4/cTgTF7tzmK
zv3dIX5nLB5dEAVAXGz+Zo6P5Adw1Lz4xAuJQWr1zWB+kKZ6yhlitU5JnHINiOUM
K+SeftRN
=iteK
-----END PGP SIGNATURE-----
News for package jetty9
