Advisory: Debian LTS Essential and Critical Security Patch Updates

Find the information you need for your favorite open source distribution .

Debian LTS: DLA-3780-1: jetty9 security update


Jetty 9 is a Java based web server and servlet engine. It was discovered that remote attackers may leave many HTTP/2 connections in ESTABLISHED state (not closed), TCP congested and idle. Eventually the server will stop accepting new connections from valid clients which can cause a denial of service.