Jetty has moved!
Jetty is a project at the Eclipse Foundation.
Homepage:http://www.eclipse.org/jetty
Downloads: http://download.eclipse.org/jetty/
Documentation:http://www.eclipse.org/jetty/documentation/current/
About:http://www.eclipse.org/jetty/about.php
Jetty Powered:http://www.eclipse.org/jetty/powered/
Contact the core Jetty developers at www.webtide.com
private support for your internal/customer projects ... custom extensions and distributions ... versioned snapshots for indefinite support ... scalability guidance for your apps and Ajax/Comet projects ... development services from 1 day to full product delivery
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 6 Next »

Jetty Security Reports

Date

ID

Severity

Fixed Version

Comment

22/11/2006

CVE-2006-6969

high

6.1.0pre3, 6.0.2, 5.1.12, 4.2.27

Session ID predictability

1/6/2006

CVE-2006-2759

medium

6.0.0Beta17

JSP source visibility

5/1/2006

 

medium

5.1.10

Fixed // security constraint bypass on windows

18/11/2005

CVE-2006-2758

medium

5.1.6, 6.0.0Beta4

JSP source visibility

4/2/2004

JSSE 1.0.3_01

medium

4.2.7

Upgraded JSSE to obtain downstream security fix

22/9/2002

 

high

4.1.0

Fixed CGI servlet remove exploit

12/3/2002

 

medium

4.0.RC2, 3.1.7

Fixed // security constraint bypass

21/10/2001

 

medium

3.1.3

Fixed trailing null security constraint bypass

  • No labels
Contact the core Jetty developers at www.webtide.com
private support for your internal/customer projects ... custom extensions and distributions ... versioned snapshots for indefinite support ... scalability guidance for your apps and Ajax/Comet projects ... development services from 1 day to full product delivery