Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-lts-changes@lists.debian.org> , <dispatch@tracker.debian.org>
Subject: Accepted netty 1:4.1.33-1+deb10u5 (source) into oldoldstable
Date: Fri, 21 Jun 2024 19:40:19 +0000
Signed by: Markus Koschany <apo@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 21 Jun 2024 21:27:45 CEST
Source: netty
Architecture: source
Version: 1:4.1.33-1+deb10u5
Distribution: buster-security
Urgency: high
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Checksums-Sha1:
 17f9776c5bc840a68b9d6f208fe77c0cda3d812f 2617 netty_4.1.33-1+deb10u5.dsc
 9b35ee39d22a438c6cbf877d0f76124bbef56406 89792 netty_4.1.33-1+deb10u5.debian.tar.xz
 3ec82da55d03e903042fac55547d73c98b309fb0 14591 netty_4.1.33-1+deb10u5_amd64.buildinfo
Checksums-Sha256:
 932b6133475d8b8e8238ba8f8b7d3f1717270a329da9a709accfd1fd4648db7e 2617 netty_4.1.33-1+deb10u5.dsc
 d96f9f88fafb5162d0acf722a366f34e893d37dd89eb9b84847053eb41c4d1d5 89792 netty_4.1.33-1+deb10u5.debian.tar.xz
 f7d9d39b935ee9adff67e12921ef60c93ec2333c479c4dabdafe1c358fcf3bf9 14591 netty_4.1.33-1+deb10u5_amd64.buildinfo
Changes:
 netty (1:4.1.33-1+deb10u5) buster-security; urgency=high
 .
   * Team upload.
   * Julien Viet discovered that Netty, a Java NIO client/server socket
     framework, was vulnerable to allocation of resources without limits or
     throttling due to the accumulation of data in the HttpPostRequestDecoder.
     This would allow an attacker to cause a denial of service.
Files:
 c62824e3cfc68f73e07b811619d6a698 2617 java optional netty_4.1.33-1+deb10u5.dsc
 a5c63a0f0571eaeb5836095a53b26d8f 89792 java optional netty_4.1.33-1+deb10u5.debian.tar.xz
 4b96a983ed6b1322ff6971478098fb7f 14591 java optional netty_4.1.33-1+deb10u5_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmZ11J1fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkV6kQAKx8xvH7q6kim61oyv1fhCd0ddW13XeGJsQE
VTTDnltWbOCCXRvK3vBowq1J+YSyul5zB9WkHoDvTknbUPFO9jwzlzLDOYeO41KM
U4PJpcn3t2+aWBcih6EqxVXG+/0F3R9NmFClBUe4rXCcLc31mZBIvlQ4iVbVcP1V
uoIhnc1t29TxthYK9Uy+iycPh2MkwUm0Ij9DoHFKjtx1hxjbcNqD8oBeBdwUna7n
GQez3IFg/QnR6d/ZOrc1lCBbjVnUbGQNhBZKOyS57wLCT6t2M5uqJNkJF857xOi4
XlnqMmUdEY79KbyuJutmAGuEci8cPsHawPUv1Y6WegJN0rd2BPDemvLh8LAwJMVS
KthPOFM9Pe5yr0327/xtbrmRi9iKuMpexo+wLTg9au/iU7oTkNsYN8djz0JSHcDd
tidaVIQ/wRbgfn0QqE4Ee8v0FpNBOOwTrwhSl7tRiCJFYm/wZ9IDRsieIiGW1J/7
EiSTd/FQbA0HCZ1+E99ODFKCMxZA9tFPdlVixM92AOWZGwMne2GHCmpQyhWzjeHO
lMn3FPERNugPnyBdJLoDY0fiPStESZqEBUh9WftZKZIStqCc1Wdofk5pzJDWxyiK
Prj7eX3BXAG5VTb+mXBiNDmPbonTTs1h0fYJsv3ZM1Vif9dNj9Rf1gKFrs7cVGJP
vxQekkpR
=p9of
-----END PGP SIGNATURE-----

News for package netty