Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted netty 1:4.1.48-7+deb12u1 (source) into proposed-updates
Date: Wed, 22 Nov 2023 13:47:08 +0000
Signed by: Markus Koschany <apo@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 18 Nov 2023 13:46:30 CET
Source: netty
Architecture: source
Version: 1:4.1.48-7+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Checksums-Sha1:
 7601716e4df2ea13d4717ac35ddafcbb58efd751 2601 netty_4.1.48-7+deb12u1.dsc
 022ad0c0c76dd4ba14b1e44d11cf0b99f0feeb2b 1665244 netty_4.1.48.orig.tar.xz
 949cc247c14b4bde3bb8a3376029c484f34a7a97 37364 netty_4.1.48-7+deb12u1.debian.tar.xz
 478c59f6fb00e649f176b08214d860c15b43f5f1 15872 netty_4.1.48-7+deb12u1_amd64.buildinfo
Checksums-Sha256:
 ffe416610620bd48bc14fa9efcd23b5c227d530b23247d4472d9d2c150090e3e 2601 netty_4.1.48-7+deb12u1.dsc
 e5351d821f461f64af58e89f260ad8943b0ab75f26c1a845300a91f22a711600 1665244 netty_4.1.48.orig.tar.xz
 b7ffc1cfba18527ec4a5b5cac071d3699e722209a1803cb55d1ebfa3b68a7063 37364 netty_4.1.48-7+deb12u1.debian.tar.xz
 adeb93986013f4ec8d49d31b96a6f3ba1230b36b6cd6c09d69a04fa4bf3a29df 15872 netty_4.1.48-7+deb12u1_amd64.buildinfo
Closes: 1038947 1054234
Changes:
 netty (1:4.1.48-7+deb12u1) bookworm-security; urgency=high
 .
   * Team upload.
     Fix CVE-2023-34462: (Closes: #1038947)
     Guard against high memory usage when parsing ClientHello messages.
   * Fix CVE-2023-44487: (Closes: #1054234)
     The HTTP/2 protocol allows a denial of service (server resource
     consumption) because request cancellation can reset many streams quickly.
Files:
 c18bf5853eb78e818bfc0fe2bfabd0ee 2601 java optional netty_4.1.48-7+deb12u1.dsc
 ebc25581b3e2b6e1bb47200ba260a636 1665244 java optional netty_4.1.48.orig.tar.xz
 02462e69e5a79744a9cb5b51c4c5718d 37364 java optional netty_4.1.48-7+deb12u1.debian.tar.xz
 8e10678b27fed6e3c3d04cba825668ea 15872 java optional netty_4.1.48-7+deb12u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmVYskFfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkwzQP/0MvGePDQDy+j3NOmC1eysZx7MQXbWbsYKBL
IFLz92TLQjoEFxFVw6f+crVimFXposHljIKYGjM6cEiQ66w8CS5cttoPpoYWJWHe
zK+gciDjXJ4YxpJR+dEDq9mJ1km1W7Uty4Qf2hp/o1N2D58+VQ7fnGA9exDcnPbo
NFhi77JuEEXpshqsGx/OTr/smFkBDHUcMMHo6YB1zRmjAd4WmZ65iLQuo8VjXm9E
/LRTcB7gBf7h0CZNz1UmGzTq6eFYgnCMLhDEPrJLBcbg5VdkEqgZCTsRmpF5gSyl
q5uvPAoQjo4NtDmcCh60VnlXS6iskkCo7HgxidqeUF2jlaxW6MtQ71qTXKochxKR
/KudY5SjJPaFreexxIG0JicmI9khU5FJ0M+QiB7/9rio1xukjlrnLFY5fI8MbmaY
ZilRxmLhorxY2FhMMvwbLJe0uGo4FbQG5+yYwpbwRITzXLNvz3YO5GakibHtEj0x
3KFBBNaCr4qtkV+9okThxHVbVKZTGpWZo7WMakF2LYrAiNp+oIVOVf2S2EA6NXFM
jdfwfqUbN+gfWbr1ffBw6GbtOshhFP2tjIu0YFLrpXGKFDQc5Y21lf5J/Fw8msmb
Yk3e/dh4CFHcYfBuumd3A7MtLFRcGxLE9uiU+hmlBbSeCJrjmodwiAN0l3PUJ7V+
Rn31f6O9
=TRMd
-----END PGP SIGNATURE-----
News for package netty
