CVE-2019-17638,jetty9: Stretch and Buster are not affected

The vulnerable code was introduced in version 9.4.27.
author: Markus Koschany <apo@debian.org> 2020-09-10 16:21:46 +0200
committer: Markus Koschany <apo@debian.org> 2020-09-10 16:21:46 +0200
commit: f9776720be57516f6bf2b16e80ed06d7b28f19b1 (patch)
tree: 082e47cb347de28ee530affb17b834030ed1448a /data/CVE/2019.list
parent: 2b2a5f74fc34c4e41e720cdfa154c0ccb8769b1b (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index fd4a6bb0f0..fc980ae5dd 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -8202,6 +8202,8 @@ CVE-2019-17639 (In Eclipse OpenJ9 prior to version 0.21 on Power platforms, call
 	NOT-FOR-US: IBM JDK specific issue on on AIX and Linux on the Power platform
 CVE-2019-17638 (In Eclipse Jetty, versions 9.4.27.v20200227 to 9.4.29.v20200521, in ca ...)
 	- jetty9 9.4.31-1
+	[buster] - jetty9 <not-affected> (vulnerable code was introduced in 9.4.27)
+	[stretch] - jetty9 <not-affected> (vulnerable code was introduced in 9.4.27)
 	NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=564984
 	NOTE: https://github.com/eclipse/jetty.project/issues/4936
 CVE-2019-17637 (In all versions of Eclipse Web Tools Platform through release 3.18 (20 ...)
author	Markus Koschany <apo@debian.org>	2020-09-10 16:21:46 +0200
committer	Markus Koschany <apo@debian.org>	2020-09-10 16:21:46 +0200
commit	f9776720be57516f6bf2b16e80ed06d7b28f19b1 (patch)
tree	082e47cb347de28ee530affb17b834030ed1448a /data/CVE/2019.list
parent	2b2a5f74fc34c4e41e720cdfa154c0ccb8769b1b (diff)