Debian Security Update DSA-5540-1 jetty9 - security update

Thread starter LinuxBot
Start date Nov 17, 2023

LinuxBot

Member

Nov 17, 2023

#1

Two remotely exploitable security vulnerabilities were discovered in Jetty 9, a Java based web server and servlet engine. The HTTP/2 protocol implementation did not sufficiently verify if HPACK header values exceed their size limit. Furthermore the HTTP/2 protocol allowed a denial of service (server resource consumption) because request cancellation can reset many streams quickly. This problem is also known as Rapid Reset Attack.
https://security-tracker.debian.org/tracker/DSA-5540-1

Continue reading...

You must log in or register to reply here.

Similar threads

Debian Security Update DSA-6005-1 jetty9 - security update

Replies: 0

Views: 223

Sep 19, 2025

LinuxBot

Debian Security Update DSA-6120-1 tomcat10 - security update

Replies: 0

Views: 81

Feb 6, 2026

LinuxBot

Debian Security Update DSA-6121-1 tomcat11 - security update

Replies: 0

Views: 83

Feb 6, 2026

LinuxBot

Debian Security Update DSA-6266-1 nghttp2 - security update

Replies: 0

Views: 72

May 14, 2026

LinuxBot

Debian Security Update DSA-6006-1 jetty12 - security update

Replies: 0

Views: 225

Sep 19, 2025

LinuxBot

Share:

Facebook X Bluesky LinkedIn Reddit Pinterest Tumblr WhatsApp Email Link

Follow Linux.org

Linux.org YouTube Channel

Staff online

wizardfromoz
Administrator

Members online

Total: 2,508 (members: 4, guests: 2,504)

Latest posts

What are Your Takes On "GNU Purism"
- Latest: osprey
- Today at 2:35 AM
General Computing
D
Software Evaluation
- Latest: deb_user
- Today at 1:28 AM
Ubuntu forum
D
Recording and transcribing a meeting to create meeting minutes
- Latest: Danbor
- Yesterday at 11:57 PM
Linux Audio / Video
A
Guidance with bash shell scripting?
- Latest: ArchieLinux
- Yesterday at 11:30 PM
Command Line
Back to sing Linux praises
- Latest: KGIII
- Yesterday at 11:12 PM
General Linux Topics

Top