Debian Security Update DSA-5540 jetty9 - security update

Thread starter LinuxBot
Start date Oct 31, 2023

LinuxBot

Member

Oct 31, 2023

Two remotely exploitable security vulnerabilities were discovered in Jetty 9, a Java based web server and servlet engine. The HTTP/2 protocol implementation did not sufficiently verify if HPACK header values exceed their size limit. Furthermore the HTTP/2 protocol allowed a denial of service (server resource consumption) because request cancellation can reset many streams quickly. This problem is also known as Rapid Reset Attack.

Continue reading...

You must log in or register to reply here.

Facebook X (Twitter) Reddit Pinterest Tumblr WhatsApp Email Link

Members online

Total: 522 (members: 5, guests: 517)

Latest posts

initramfs question
- Latest: osprey
- 7 minutes ago
General Linux Questions
D
Today's thread is intentionally short...
- Latest: Diputs
- Today at 9:16 AM
Command Line
D
Solved Cron giving me fits
- Latest: Diputs
- Today at 9:14 AM
Command Line
Need help, dwm is killing itself when clicking URLs or links
- Latest: osprey
- Today at 7:26 AM
Desktop
What You Need To Know About Timeshift.
- Latest: Condobloke
- Today at 7:19 AM
General Linux Questions

Top