[ubuntu/jammy-updates] netty 1:4.1.48-4+deb11u2build0.22.04.1 (Accepted)

Thu Sep 5 15:28:14 UTC 2024

netty (1:4.1.48-4+deb11u2build0.22.04.1) jammy-security; urgency=medium

  * fake sync from Debian

netty (1:4.1.48-4+deb11u2) bullseye-security; urgency=high

  * Team upload.
  * Fix CVE-2023-34462: (Closes: #1038947)
    Guard against high memory usage when parsing ClientHello messages.
  * Fix CVE-2023-44487: (Closes: #1054234)
    The HTTP/2 protocol allows a denial of service (server resource
    consumption) because request cancellation can reset many streams quickly.
  * Add 21-java-17.patch to fix a FTBFS with newer OpenJDK versions.

Date: 2024-08-29 16:34:09.990627+00:00
Changed-By: Paulo Flabiano Smorigo <pfsmorigo at canonical.com>
Maintainer: Debian Java Maintainers <pkg-java-maintainers at lists.alioth.debian.org>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/netty/1:4.1.48-4+deb11u2build0.22.04.1
-------------- next part --------------
Sorry, changesfile not available.