Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted netty 1:4.1.48-8 (source) into unstable
Date: Sat, 11 Nov 2023 22:54:34 +0000
Signed by: Markus Koschany <apo@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 05 Nov 2023 21:07:13 +0100
Source: netty
Architecture: source
Version: 1:4.1.48-8
Distribution: unstable
Urgency: medium
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Closes: 1038947 1054234
Changes:
 netty (1:4.1.48-8) unstable; urgency=medium
 .
   * Team upload.
   * Fix CVE-2023-34462: (Closes: #1038947)
     Guard against high memory usage when parsing ClientHello messages.
   * Fix CVE-2023-44487: (Closes: #1054234)
     The HTTP/2 protocol allows a denial of service (server resource
     consumption) because request cancellation can reset many streams quickly.
Checksums-Sha1:
 099109e3fd09f666089646b349c9a24660beb05e 2569 netty_4.1.48-8.dsc
 f4c8f8d200fda87fc20794932262479a22a91544 37348 netty_4.1.48-8.debian.tar.xz
 f4dc0128f13e6feea7b2bce3904e6d0a916825b6 15786 netty_4.1.48-8_amd64.buildinfo
Checksums-Sha256:
 b4427898035f61e41d1e552287f66e626982b2adb82a2f2c8d9f2cee4a93a2c2 2569 netty_4.1.48-8.dsc
 6db53553a4e4c2bab10335559cf52b99a2c81562278537f133e06f89aa77992e 37348 netty_4.1.48-8.debian.tar.xz
 4955cef3376271e43e213089ba138cff32819bd2e42eae99e1b3f6c31f8077d2 15786 netty_4.1.48-8_amd64.buildinfo
Files:
 de556471ecbe2fb223a48f30540e80ea 2569 java optional netty_4.1.48-8.dsc
 8a14bee6a845c0dea1c0dc7998c9dc6e 37348 java optional netty_4.1.48-8.debian.tar.xz
 e54944a999ddfd6fc473c5bba980de39 15786 java optional netty_4.1.48-8_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmVQAFpfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkhKkP/04kJDSiIJo0x0qbx0fSXXsg1BzJHecv1XpP
bFYolOg5VKWGT18u6cuVbidoHYcSg94ITyffwvvuaOAQw5CPnKPNN3elO1vvr4v6
45Sy+tfkyXQmerfsET+8PcUp5n8/bX1ehepHS7xGGYm4MbQxts7JXbE+veaWnXsh
OmlKmIU3GRfAm4EUlHIie6zyimJv9xGzbsv8lB4W+5QKYkO1rTBzWUwd7wwNaH7H
vrj2Jg16wGmXzYtW3X0GDkJ7JE0i5FFdeZSZK34HVN3V5E75a6dJMJ3sh4pexDUp
IzU6/LuEE0pstDfwNYR/jJJX3+gY7lggyfFiJy21GU0/LWFezBvu6Bq1oyRR5F0a
0qt6w5G1DNue8OCqKHCLB/2sWG4Qecc2hBYFTC9VazV8WiIaFCtMzQkssNdyA8/j
6X3wXMWB5KV7Y92zvWD9fZBViX5SjKM/wBnf7pUHVm1E6qkKuvgBA/yJbek7xtdF
EwH0/DKsPISNwpdfZoAoEBCczYlkrmHssa6JupTe9gvMuIkFr0hpTiREtbkI+lyP
1VrbVlAEBimhLth1V52it6MEJzIpIrjWDvmEfFLDpbZ7HnkoLR0p87x5fQO+Ldtg
nbXfmuSsEaug5joFPfdNUGXYw9iSBqPLTZKwdRUiyfwfUPxSsQqfjkYiC9FsWCim
3QSOZq4t
=tbJd
-----END PGP SIGNATURE-----

News for package netty