View Issue Details

IDProjectCategoryView StatusLast Update
0006176SymmetricDSBugpublic2024-01-09 16:18
Reporterelong Assigned Toelong  
Prioritynormal 
Status closedResolutionfixed 
Product Version3.15.0 
Target Version3.15.3Fixed in Version3.15.3 
Summary0006176: Upgrade Jetty
DescriptionUpgrade Jetty to fix CVE-2023-36478 and CVE-2023-44487 which are vulnerabilities in HTTP/2 protocol handling. SymmetricDS has HTTP/2 disabled by default, so it should not be exploitable out of the box.
Tagssecurity

Relationships

related to 0006175 closedelong Upgrade Jetty 

Activities

There are no notes attached to this issue.

Related Changesets

SymmetricDS: 3.15 530cd518

2024-01-04 15:37:29

admin

Details Diff
0006176: Upgrade Jetty Affected Issues
0006176
mod - symmetric-assemble/common.gradle Diff File

Issue History

Date Modified Username Field Change
2024-01-04 15:36 elong New Issue
2024-01-04 15:36 elong Status new => assigned
2024-01-04 15:36 elong Assigned To => elong
2024-01-04 15:36 elong Tag Attached: security
2024-01-04 15:36 elong Issue generated from: 0006175
2024-01-04 15:36 elong Relationship added related to 0006175
2024-01-04 15:37 elong Status assigned => resolved
2024-01-04 15:37 elong Resolution open => fixed
2024-01-04 15:37 elong Fixed in Version => 3.15.3
2024-01-09 16:18 admin Changeset attached => SymmetricDS 3.15 530cd518
2024-02-05 18:58 admin Status resolved => closed