Security update for jetty-minimal
Announcement ID: | SUSE-SU-2023:2539-1 |
---|---|
Rating: | moderate |
References: | |
Cross-References: | |
CVSS scores: |
|
Affected Products: |
|
An update that solves two vulnerabilities can now be installed.
Description:
This update for jetty-minimal fixes the following issues:
Updated to version 9.4.51.v20230217: - CVE-2023-26048: Fixed an excessive memory consumption when processing a large multipart request (bsc#1210620) - CVE-2023-26049: Fixed a cookie exfiltration issue due to improper parsing (bsc#1210621).
Patch Instructions:
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
-
openSUSE Leap 15.4
zypper in -t patch openSUSE-SLE-15.4-2023-2539=1
-
openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2023-2539=1
-
Development Tools Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2023-2539=1
-
Development Tools Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2023-2539=1
-
SUSE Linux Enterprise Real Time 15 SP3
zypper in -t patch SUSE-SLE-Product-RT-15-SP3-2023-2539=1
Package List:
-
openSUSE Leap 15.4 (noarch)
- jetty-fcgi-9.4.51-150200.3.19.2
- jetty-jndi-9.4.51-150200.3.19.2
- jetty-cdi-9.4.51-150200.3.19.2
- jetty-plus-9.4.51-150200.3.19.2
- jetty-util-9.4.51-150200.3.19.2
- jetty-servlet-9.4.51-150200.3.19.2
- jetty-jsp-9.4.51-150200.3.19.2
- jetty-server-9.4.51-150200.3.19.2
- jetty-quickstart-9.4.51-150200.3.19.2
- jetty-client-9.4.51-150200.3.19.2
- jetty-webapp-9.4.51-150200.3.19.2
- jetty-ant-9.4.51-150200.3.19.2
- jetty-start-9.4.51-150200.3.19.2
- jetty-minimal-javadoc-9.4.51-150200.3.19.2
- jetty-annotations-9.4.51-150200.3.19.2
- jetty-continuation-9.4.51-150200.3.19.2
- jetty-proxy-9.4.51-150200.3.19.2
- jetty-jaas-9.4.51-150200.3.19.2
- jetty-openid-9.4.51-150200.3.19.2
- jetty-io-9.4.51-150200.3.19.2
- jetty-xml-9.4.51-150200.3.19.2
- jetty-http-9.4.51-150200.3.19.2
- jetty-jmx-9.4.51-150200.3.19.2
- jetty-http-spi-9.4.51-150200.3.19.2
- jetty-security-9.4.51-150200.3.19.2
- jetty-deploy-9.4.51-150200.3.19.2
- jetty-util-ajax-9.4.51-150200.3.19.2
- jetty-servlets-9.4.51-150200.3.19.2
- jetty-rewrite-9.4.51-150200.3.19.2
-
openSUSE Leap 15.5 (noarch)
- jetty-fcgi-9.4.51-150200.3.19.2
- jetty-jndi-9.4.51-150200.3.19.2
- jetty-cdi-9.4.51-150200.3.19.2
- jetty-plus-9.4.51-150200.3.19.2
- jetty-util-9.4.51-150200.3.19.2
- jetty-servlet-9.4.51-150200.3.19.2
- jetty-jsp-9.4.51-150200.3.19.2
- jetty-server-9.4.51-150200.3.19.2
- jetty-quickstart-9.4.51-150200.3.19.2
- jetty-client-9.4.51-150200.3.19.2
- jetty-webapp-9.4.51-150200.3.19.2
- jetty-ant-9.4.51-150200.3.19.2
- jetty-start-9.4.51-150200.3.19.2
- jetty-minimal-javadoc-9.4.51-150200.3.19.2
- jetty-annotations-9.4.51-150200.3.19.2
- jetty-continuation-9.4.51-150200.3.19.2
- jetty-proxy-9.4.51-150200.3.19.2
- jetty-jaas-9.4.51-150200.3.19.2
- jetty-openid-9.4.51-150200.3.19.2
- jetty-io-9.4.51-150200.3.19.2
- jetty-xml-9.4.51-150200.3.19.2
- jetty-http-9.4.51-150200.3.19.2
- jetty-jmx-9.4.51-150200.3.19.2
- jetty-http-spi-9.4.51-150200.3.19.2
- jetty-security-9.4.51-150200.3.19.2
- jetty-deploy-9.4.51-150200.3.19.2
- jetty-util-ajax-9.4.51-150200.3.19.2
- jetty-servlets-9.4.51-150200.3.19.2
- jetty-rewrite-9.4.51-150200.3.19.2
-
Development Tools Module 15-SP4 (noarch)
- jetty-util-9.4.51-150200.3.19.2
- jetty-http-9.4.51-150200.3.19.2
- jetty-servlet-9.4.51-150200.3.19.2
- jetty-server-9.4.51-150200.3.19.2
- jetty-security-9.4.51-150200.3.19.2
- jetty-util-ajax-9.4.51-150200.3.19.2
- jetty-io-9.4.51-150200.3.19.2
-
Development Tools Module 15-SP5 (noarch)
- jetty-util-9.4.51-150200.3.19.2
- jetty-http-9.4.51-150200.3.19.2
- jetty-servlet-9.4.51-150200.3.19.2
- jetty-server-9.4.51-150200.3.19.2
- jetty-security-9.4.51-150200.3.19.2
- jetty-util-ajax-9.4.51-150200.3.19.2
- jetty-io-9.4.51-150200.3.19.2
-
SUSE Linux Enterprise Real Time 15 SP3 (noarch)
- jetty-util-9.4.51-150200.3.19.2
- jetty-http-9.4.51-150200.3.19.2
- jetty-servlet-9.4.51-150200.3.19.2
- jetty-server-9.4.51-150200.3.19.2
- jetty-security-9.4.51-150200.3.19.2
- jetty-util-ajax-9.4.51-150200.3.19.2
- jetty-io-9.4.51-150200.3.19.2