Google Git
Sign in
eclipse / www.eclipse.org / jetty / b8f812fa2cddeaa32f8f7db37fe03bc321d772ae^! / .
commitb8f812fa2cddeaa32f8f7db37fe03bc321d772ae[log] [tgz]
authorChris Walker <chris@webtide.com>Tue Aug 31 09:30:17 2021 -0400
committerChris Walker <chris@webtide.com>Tue Aug 31 09:30:17 2021 -0400
tree0b5351a9360c14d5fce344f6b926cce0ee901eee
parent5e9de84d6dfb139aea08c2886ae1c31d9f4f2968 [diff]
Updating security page with missing CVE

diff --git a/content/en_security_processes.php b/content/en_security_processes.php
index bf7684b..bc8955c 100644
--- a/content/en_security_processes.php
+++ b/content/en_security_processes.php

@@ -72,6 +72,7 @@
 - [ ] Edit VERSION.txt and so that the CVE number is now recorded against merged PR.
 - [ ] Edit the <a href="https://github.com/eclipse/jetty.project/releases">release(s)</a> on Github to identify CVE number that was addressed/resolved.
 - [ ] Update downstream images (Docker, etc.).
+- [ ] Update project website with new security entry.
 - [ ] Review security processes & completion.
                 </pre>
             </div>

diff --git a/content/en_security_reports.php b/content/en_security_reports.php
index 69c5b93..a2fc9c1 100644
--- a/content/en_security_reports.php
+++ b/content/en_security_reports.php

@@ -68,6 +68,14 @@
                 </thead>
                 <tbody>
                 <tr>
+                    <td class="tableblock halign-left valign-top"><p class="tableblock">2021/07/15</p></td>
+                    <td class="tableblock halign-left valign-top"><p class="tableblock"><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34429" title="URIs can be crafted using some encoded characters to access the content of the WEB-INF directory and/or bypass some security constraints.">CVE-2021-34429</a></p></td>
+                    <td class="tableblock halign-left valign-top"><p class="tableblock">Med</p></td>
+                    <td class="tableblock halign-left valign-top"><p class="tableblock">Med</p></td>
+                    <td class="tableblock halign-left valign-top"><p class="tableblock">9.4.37 - 9.4.42, 10.0.1 - 10.0.5, 11.0.1 - 11.0.5</p></td>
+                    <td class="tableblock halign-left valign-top"><p class="tableblock">9.4.43, 10.0.6, 11.0.6</p></td>
+                </tr>
+                <tr>
                     <td class="tableblock halign-left valign-top"><p class="tableblock">2021/06/22</p></td>
                     <td class="tableblock halign-left valign-top"><p class="tableblock"><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34428" title="If an exception is thrown from the SessionListener#sessionDestroyed() method, then the session ID is not invalidated in the session ID manager.">CVE-2021-34428</a></p></td>
                     <td class="tableblock halign-left valign-top"><p class="tableblock">Low</p></td>