-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 24 Aug 2020 17:51:50 -0400 Source: netty-3.9 Binary: libnetty-3.9-java Architecture: source Version: 3.9.9.Final-1+deb9u1 Distribution: stretch-security Urgency: high Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org> Changed-By: Roberto C. Sanchez <roberto@debian.org> Description: libnetty-3.9-java - Java NIO client/server socket framework Closes: 941266 950966 950967 Changes: netty-3.9 (3.9.9.Final-1+deb9u1) stretch-security; urgency=high . * Non-maintainer upload by the LTS Team. * Correctly handle whitespaces in HTTP header names as defined by RFC7230#section-3.2.4 (CVE-2019-16869) (Closes: #941266) * Detect missing colon when parsing http headers with no value (CVE-2019-20444) (Closes: #950966) * Correctly handle Content-Length header that is accompanied by a second Content-Length header, or by a Transfer-Encoding header, by removing the extra Content-Length header. (CVE-2019-20445) (Closes: #950967) Checksums-Sha1: 599fb45aa6dc7d1b3588e90aa1b0ebcbee6de855 2280 netty-3.9_3.9.9.Final-1+deb9u1.dsc 36c30d7e885969641af36274e3b25d1965343d61 502444 netty-3.9_3.9.9.Final.orig.tar.xz 52b3444359d9b98ba85d66d76d0b2bfdfeb4a1d0 7828 netty-3.9_3.9.9.Final-1+deb9u1.debian.tar.xz ee959fadd542b9c7a5e390ff94a0bfb77bbfcaf6 15537 netty-3.9_3.9.9.Final-1+deb9u1_amd64.buildinfo Checksums-Sha256: e81154fa5aeec9585a670c62168ca522a2e96f96d168ec1ee978a1903af5578d 2280 netty-3.9_3.9.9.Final-1+deb9u1.dsc 5177942a2c066eb8f0519cba2082351a69069776296eebdca8cd8c3453d46315 502444 netty-3.9_3.9.9.Final.orig.tar.xz f378776ae722bca3b159db71d9c1732039435a4f5db5f581f975378f2ba7d577 7828 netty-3.9_3.9.9.Final-1+deb9u1.debian.tar.xz c4c9fd2fc2ea001fd3f316332d7cde00ba95feb94e884c71b02841b2961023ed 15537 netty-3.9_3.9.9.Final-1+deb9u1_amd64.buildinfo Files: a279e95c7205fbda6e20a21393dfb1bb 2280 java optional netty-3.9_3.9.9.Final-1+deb9u1.dsc 9d4ad8a3e87b2b13529868980b408be4 502444 java optional netty-3.9_3.9.9.Final.orig.tar.xz eaa56977e571d950dc196ae7a5f375e8 7828 java optional netty-3.9_3.9.9.Final-1+deb9u1.debian.tar.xz 144cf7e30e47689d954932f7b720b17d 15537 java optional netty-3.9_3.9.9.Final-1+deb9u1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEz9ERzDttUsU/BH8iLNd4Xt2nsg8FAl9SfnEACgkQLNd4Xt2n sg9DIA//SuUvFDyea6oM16stZii6oUCztqSJr8GtDoebDD2TDag8XlxS1KDn/TQZ coHpFds0yLydwYMLuZxJ6ccRJaExSvvtRG/uM8sRxytMuLfh64WAqA6biMYbmvfF 0/1Ls+nl7GY6nhqSD3SKNfVeJso3yCK8GqhpVtspi9kpVA5TLaBO8Y363DkMD95w 7LhubTNPYS+kOTlhnOPJfdtuU7W35JhcAHbdx+Dg2jY7vQkzwD60TaTFAyL+KEgI 8r1Hd2LnaBq46jfLAcMGd0V3EEf618PztXRvAlWFeNOAJG2NkMUmv4cJTYWV76wA cB+bthZo9xciOXkA2VSZA12UY8XUgaehClXwFJ1QesTg5o1lYUg1qi8spdQKklPX bEZL/tnaOdH8GqjoebbVj72s5GEiTvf94yFlQxIJ3ArGTpzX5gicxcFrU4wJ6Z/H 7+BvIx4t7HFkmzEOAEPSchI9WmZVZLHrVhebOmN4VzglFHTEOATwT/YNVyKhHVFM eYN87J4T5Eh5sTiHjLtSGpIW0BvshshsbTqPw/Kf3T5vZwLxEU9uMezek74f5x/Y tldWULQEff+VL1c6Y1XhpNFjgo8uA5IcxLTFwSbfoLFVwMrKoilEZLMxzXu8qGmA BZcRKBeD1K9wV6y4pGEizIT7QQk+non0p7D+ZLQ5Xcqb/tY1Hws= =PQZO -----END PGP SIGNATURE-----
