An unspecified denial of service vulnerability has been reported in Jetty Java HTTP Servlet Server. It is conjectured that this may be exploited remotely. Reproducible: Didn't try Steps to Reproduce: 1. 2. 3. Found in bugtraq: Jetty Unspecified Denial Of Service Vulnerability: http://www.securityfocus.com/bid/9917/discussion/ An unspecified denial of service vulnerability has been reported in Jetty Java HTTP Servlet Server. It is conjectured that this may be exploited remotely. Solution: This issue has been addressed in Jetty 4.2.19.
current version in portage is net-www/jetty-4.2.17 Java herd please put a jetty-4.2.19 in the portage tree.
Updated in portage. 4.2.17 is gone.
Thanks for updatiung zx Reopening bug and changing product so GLSA can be done.
neither 4.2.17 nor 4.2.19 were/are marked stable on any arches (they're both ~masked). As such, closing without issuing a GLSA.