From e5a5580b9ddefc04f897c56c44c5fb771369013f Mon Sep 17 00:00:00 2001
From: Sylvain Beucler <beuc@beuc.net>
Date: Fri, 11 Jun 2021 15:47:11 +0200
Subject: CVE-2021-28169/jetty: reference patch

---
 data/CVE/list | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'data')

diff --git a/data/CVE/list b/data/CVE/list
index cfb63652ea..428edaa679 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -15319,6 +15319,8 @@ CVE-2021-28169 (For Eclipse Jetty versions &lt;= 9.4.40, &lt;= 10.0.2, &lt;= 11.
 	- jetty8 <removed>
 	- jetty <removed>
 	NOTE: https://github.com/eclipse/jetty.project/security/advisories/GHSA-gwcr-j4wh-j3cq
+	NOTE: https://github.com/eclipse/jetty.project/issues/6263
+	NOTE: https://github.com/eclipse/jetty.project/commit/1c05b0bcb181c759e98b060bded0b9376976b055 (v9.4.41)
 CVE-2021-28168 (Eclipse Jersey 2.28 to 2.33 and Eclipse Jersey 3.0.0 to 3.0.1 contains ...)
 	NOT-FOR-US: Eclipse Jersey
 CVE-2021-28167 (In Eclipse Openj9 to version 0.25.0, usage of the jdk.internal.reflect ...)
-- 
cgit v1.2.3