Publishing details

Published on 2024-02-28

Changelog

netty (1:4.1.48-7ubuntu0.1) mantic-security; urgency=medium

  * SECURITY UPDATE: Uncontrolled Resource Consumption
    - debian/patches/CVE-2023-34462.patch: netty-handler SniHandler 16MB
      allocation.
    - debian/patches/CVE-2023-44487.patch: HTTP/2 Rapid Reset Attack - DDoS
      vector in the HTTP/2 protocol due RST frames.
    - CVE-2023-34462
    - CVE-2023-44487

 -- Paulo Flabiano Smorigo <email address hidden>  Wed, 28 Feb 2024 11:43:08 -0300

Available diffs

diff from 1:4.1.48-7 (in Debian) to 1:4.1.48-7ubuntu0.1 (5.5 KiB)

Builds

amd64

Built packages

libnetty-java Java NIO client/server socket framework

Package files

libnetty-java_4.1.48-7ubuntu0.1_all.deb (3.4 MiB)
netty_4.1.48-7ubuntu0.1.debian.tar.xz (36.4 KiB)
netty_4.1.48-7ubuntu0.1.dsc (2.5 KiB)
netty_4.1.48.orig.tar.xz (1.6 MiB)