Accepted netty 1:4.1.48-7+deb12u1 (source) into proposed-updates
- To: debian-changes@lists.debian.org
- Subject: Accepted netty 1:4.1.48-7+deb12u1 (source) into proposed-updates
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Wed, 22 Nov 2023 13:47:08 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: netty_4.1.48-7+deb12u1_source.changes
- Debian-source: netty
- Debian-suite: proposed-updates
- Debian-version: 1:4.1.48-7+deb12u1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=HueiplJLeStVHWMLOYfzSBFdw5ddu0Dy+/uMOjHd2Ew=; b=ZEwqvVoty49uUDJkwprLI1aRSv dEi6+uTp+i6AzAp+sOxW+xG6sv38G1mRIKmWX+dlXaiNQP4yTHbTcmlSx89y/ENQCb6Tn+9CHhRS5 /1vgVHgjhri3fLIDMWhH883fSz17gtNVX9y9D4FrjWXLpXnHLb7DHbIzgXYPWb+EdzCmBbwt8LkQ2 y1k31ROq45AnDrKMg680odLQKI2o/wtahhq7u1vGYU2MAywxbglfOo0dXcf1KgNSmwjZ6Gz1t+t3k 8oHoaEOYadaWlOu9hmbAztPqHp2GzmH7WJfXKp7Ft8xiJg3VmwY8UMglL6MfElf0uV/OrjeaFeI6c 1WPJaxsQ==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1r5nZM-001gCe-6m@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 18 Nov 2023 13:46:30 CET
Source: netty
Architecture: source
Version: 1:4.1.48-7+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Checksums-Sha1:
7601716e4df2ea13d4717ac35ddafcbb58efd751 2601 netty_4.1.48-7+deb12u1.dsc
022ad0c0c76dd4ba14b1e44d11cf0b99f0feeb2b 1665244 netty_4.1.48.orig.tar.xz
949cc247c14b4bde3bb8a3376029c484f34a7a97 37364 netty_4.1.48-7+deb12u1.debian.tar.xz
478c59f6fb00e649f176b08214d860c15b43f5f1 15872 netty_4.1.48-7+deb12u1_amd64.buildinfo
Checksums-Sha256:
ffe416610620bd48bc14fa9efcd23b5c227d530b23247d4472d9d2c150090e3e 2601 netty_4.1.48-7+deb12u1.dsc
e5351d821f461f64af58e89f260ad8943b0ab75f26c1a845300a91f22a711600 1665244 netty_4.1.48.orig.tar.xz
b7ffc1cfba18527ec4a5b5cac071d3699e722209a1803cb55d1ebfa3b68a7063 37364 netty_4.1.48-7+deb12u1.debian.tar.xz
adeb93986013f4ec8d49d31b96a6f3ba1230b36b6cd6c09d69a04fa4bf3a29df 15872 netty_4.1.48-7+deb12u1_amd64.buildinfo
Closes: 1038947 1054234
Changes:
netty (1:4.1.48-7+deb12u1) bookworm-security; urgency=high
.
* Team upload.
Fix CVE-2023-34462: (Closes: #1038947)
Guard against high memory usage when parsing ClientHello messages.
* Fix CVE-2023-44487: (Closes: #1054234)
The HTTP/2 protocol allows a denial of service (server resource
consumption) because request cancellation can reset many streams quickly.
Files:
c18bf5853eb78e818bfc0fe2bfabd0ee 2601 java optional netty_4.1.48-7+deb12u1.dsc
ebc25581b3e2b6e1bb47200ba260a636 1665244 java optional netty_4.1.48.orig.tar.xz
02462e69e5a79744a9cb5b51c4c5718d 37364 java optional netty_4.1.48-7+deb12u1.debian.tar.xz
8e10678b27fed6e3c3d04cba825668ea 15872 java optional netty_4.1.48-7+deb12u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmVYskFfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkwzQP/0MvGePDQDy+j3NOmC1eysZx7MQXbWbsYKBL
IFLz92TLQjoEFxFVw6f+crVimFXposHljIKYGjM6cEiQ66w8CS5cttoPpoYWJWHe
zK+gciDjXJ4YxpJR+dEDq9mJ1km1W7Uty4Qf2hp/o1N2D58+VQ7fnGA9exDcnPbo
NFhi77JuEEXpshqsGx/OTr/smFkBDHUcMMHo6YB1zRmjAd4WmZ65iLQuo8VjXm9E
/LRTcB7gBf7h0CZNz1UmGzTq6eFYgnCMLhDEPrJLBcbg5VdkEqgZCTsRmpF5gSyl
q5uvPAoQjo4NtDmcCh60VnlXS6iskkCo7HgxidqeUF2jlaxW6MtQ71qTXKochxKR
/KudY5SjJPaFreexxIG0JicmI9khU5FJ0M+QiB7/9rio1xukjlrnLFY5fI8MbmaY
ZilRxmLhorxY2FhMMvwbLJe0uGo4FbQG5+yYwpbwRITzXLNvz3YO5GakibHtEj0x
3KFBBNaCr4qtkV+9okThxHVbVKZTGpWZo7WMakF2LYrAiNp+oIVOVf2S2EA6NXFM
jdfwfqUbN+gfWbr1ffBw6GbtOshhFP2tjIu0YFLrpXGKFDQc5Y21lf5J/Fw8msmb
Yk3e/dh4CFHcYfBuumd3A7MtLFRcGxLE9uiU+hmlBbSeCJrjmodwiAN0l3PUJ7V+
Rn31f6O9
=TRMd
-----END PGP SIGNATURE-----