netty 1:4.1.48-10 source package in Ubuntu
Changelog
netty (1:4.1.48-10) unstable; urgency=high
* Team upload.
* Fix CVE-2024-29025:
Julien Viet discovered that Netty, a Java NIO client/server socket
framework, was vulnerable to allocation of resources without limits or
throttling due to the accumulation of data in the HttpPostRequestDecoder.
This would allow an attacker to cause a denial of service.
Thanks to Salvatore Bonaccorso for the report. (Closes: #1068110)
-- Markus Koschany <email address hidden> Sun, 12 May 2024 21:20:10 +0200
Upload details
- Uploaded by:
- Debian Java Maintainers
- Uploaded to:
- Sid
- Original maintainer:
- Debian Java Maintainers
- Architectures:
- all
- Section:
- java
- Urgency:
- Very Urgent
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Oracular | release | universe | java |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| netty_4.1.48-10.dsc | 2.5 KiB | 20405785f7dbf3dfa6acab842843fd11325d070fe7933a31f3c1a5df1b262667 |
| netty_4.1.48.orig.tar.xz | 1.6 MiB | e5351d821f461f64af58e89f260ad8943b0ab75f26c1a845300a91f22a711600 |
| netty_4.1.48-10.debian.tar.xz | 42.1 KiB | 6db4654cec7819c9584f1aff7a4ba2c3712d20ab6eb8b515695bc5ef6af55b94 |
Available diffs
- diff from 1:4.1.48-9 to 1:4.1.48-10 (3.5 KiB)
No changes file available.
Binary packages built by this source
- libnetty-java: Java NIO client/server socket framework
Netty is a Java NIO client/server framework which enables quick and easy
development of network applications such as protocol servers and clients.
It greatly simplifies and streamlines network programming such as TCP and UDP
socket server.
