Jetty 9 is a Java based web server and servlet engine. It was discovered that remote attackers may leave many HTTP/2 connections in ESTABLISHED state (not closed), TCP congested and idle. Eventually the server will stop accepting new connections from valid clients which can cause a denial of service.
https://security-tracker.debian.org/tracker/DSA-5664-1
Continue reading...
https://security-tracker.debian.org/tracker/DSA-5664-1
Continue reading...