Accepted netty 1:4.1.33-1+deb10u3 (source) into oldstable
- To: debian-lts-changes@lists.debian.org, dispatch@tracker.debian.org
- Subject: Accepted netty 1:4.1.33-1+deb10u3 (source) into oldstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Wed, 11 Jan 2023 22:10:21 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: netty_4.1.33-1+deb10u3_source.changes
- Debian-source: netty
- Debian-suite: oldstable
- Debian-version: 1:4.1.33-1+deb10u3
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.seger; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=E9QbxIKn8xbIRp7JC3lOQJtLxLIRYNfMD9tHv37NxU0=; b=Gv8NsCsP0biW4QZLv6RB8r43fF /WVxb+d6UMwMaCdLeaUB4KjD54TzmeuIbuJA5yZpdilAlBRLgk0AWHG5fqrHIxC8p5PnbUFJ9o8OC YhuunVzwYrBDwL6uuHuJufOmf0kSicAhB+wUInQ2qwaK/uAB2VKYPYIhXPPJutSYfuDFKGb6s1nSX hOho+Fpbzd8P5rpWbVfw1K9ILO2GP9efY5iaPu9aeQDbziX4alkzQOVSRSPYV+mTkkdqHcZeAsvD/ kVrtKOuTmGg0O3NTp1w/HafK5O/p1VjuvTUhTcACligavWz+H+UUcUibBsf6ASEX9AUX3azJwpY3W 06rBIcGg==;
- Mail-followup-to: debian-lts@lists.debian.org
- Message-id: <E1pFjIb-0053v5-6q@seger.debian.org>
- Reply-to: debian-lts@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 11 Jan 2023 22:51:42 CET
Source: netty
Architecture: source
Version: 1:4.1.33-1+deb10u3
Distribution: buster-security
Urgency: high
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Checksums-Sha1:
3198bf9ea642933f2ba55200b3b4c5f1558bb055 2617 netty_4.1.33-1+deb10u3.dsc
b62077488aa3e1c239d42091fd4ca3e0bc89be76 34008 netty_4.1.33-1+deb10u3.debian.tar.xz
fcc34d492b36e285ee440536c4d2e0b90f680cee 14475 netty_4.1.33-1+deb10u3_amd64.buildinfo
Checksums-Sha256:
60b345292371d8eed616aef4eb032979913f6928562231bc7317d509d072fef2 2617 netty_4.1.33-1+deb10u3.dsc
ca500c0246db8ee2916e66e93f102ca1f0d0d2063e1ee05559f7a5f185947762 34008 netty_4.1.33-1+deb10u3.debian.tar.xz
8b506366352214deffc716d26d9241ee1b467483564dfc41c69d42852d48a636 14475 netty_4.1.33-1+deb10u3_amd64.buildinfo
Changes:
netty (1:4.1.33-1+deb10u3) buster-security; urgency=high
.
* Team upload.
* Fix CVE-2021-37136, CVE-2021-37137, CVE-2021-43797, CVE-2022-41881 and
CVE-2022-41915. Several out-of-memory, stack overflow or HTTP request
smuggling vulnerabilities have been discovered in Netty which may allow
attackers to cause a denial of service or bypass restrictions when used as
a proxy.
Files:
e539e12b7e2a2187eec924d115d34b61 2617 java optional netty_4.1.33-1+deb10u3.dsc
83905182531e52fcc617a8627bc96fd5 34008 java optional netty_4.1.33-1+deb10u3.debian.tar.xz
174d18cce4bc4a64318099af318a7975 14475 java optional netty_4.1.33-1+deb10u3_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmO/L3VfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkmVUQAKa//Yl6+Xj8Et8QzZFjw28nU+7I31KdMh9K
qQkTEHpKv76cucaTZAGtG/QjMJ3p09kgh786NXn/p1Lp4g85XbReVvYLDN7qtpMb
DFzKhs2qNvWOtsL8skBdWVP6zap5AWFckopx4Vj0TKsCPecatKXBdh/54MLzxuGH
70n10xhjyroxvgYPNQnXAj0pVrGEYGOjkIfDXAt4cfe8VoZANNZrxQHyRK/A8lnj
1EbIIJPeFrh2DGEn7O/K4mOy+CWWIsaGNaxz7wYLFLfDwelQBLZgzLTG8Ta+3sQg
EP3Cd1nae67xVNpFvk7QP0up1SHUJc4EEOWDUnX4ucO7jlv/vUs7vQIXBhoPbdmW
b9tRczbaNj28Nmsfj3c9U1n8hn0N1PCckt708ky93dPiM6mkNvSJF5V8k+FgIWP4
XQdPYaFBGDIdaPewtMpKZdSf/DlzAuim/C2hIcX4RwMipgdkxwFzy4z8nVAHmpAW
LkxEl6o0RM0tWtG/O4Rac0Oss7R/lOsusy0WIxVgKYvz/ykAhkjieKXo5rb0l+rz
9EY28+Is3q+nbyGZ0miAFlZyLWykQiqUKTkyKf4ni6dnHaN2yeda0yacNE5QMK8g
s4weioVwGvm/K4dyvdDhG26sVh5X7pMcSrM/s5l8mQMHCQd+FJ23Qva4RlpafdmG
fayDltBS
=hfIq
-----END PGP SIGNATURE-----