Import Debian changes 1:4.1.48-2
netty (1:4.1.48-2) unstable; urgency=high * Team upload. * Fix CVE-2021-21290: In Netty there is a vulnerability on Unix-like systems involving an insecure temp file. When netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. On unix-like systems, the temporary directory is shared between all user. As such, writing to this directory using APIs that do not explicitly set the file/directory permissions can lead to information disclosure. Thanks to Salvatore Bonaccorso for the report. (Closes: #982580) * Switch to debhelper-compat = 13. * Declare compliance with Debian Policy 4.5.1. netty (1:4.1.48-1) unstable; urgency=medium * Team upload. * New upstream release - Refreshed the patches netty (1:4.1.45-2) unstable; urgency=medium * Team upload. * Enable building of transport-native-kqueue. - Needed to update async-http-client. netty (1:4.1.45-1) unstable; urgency=medium * Team upload. * New upstream release - Fixes CVE-2019-20444, CVE-2019-20445 and CVE-2020-7238 (Closes: #950966, #950967) - Refreshed the patches - Updated the Maven rules - Depend on libnetty-tcnative-java (>= 2.0.28) - Disabled the native image support due to missing dependencies - Disabled the BlockHound integration * Standards-Version updated to 4.5.0 netty (1:4.1.33-3) unstable; urgency=medium * Team upload. * Apply patch for FTBFS on 32-bit architectures. (Closes: #923455) Thank you to Sjoerd Simons for the patch. * Set "Rules-Requires-Root: no" in debian/control * Specify debhelper compat 12 via debhelper-compat dependency * Bump Standards-Version to 4.4.1 netty (1:4.1.33-2) unstable; urgency=high * Team upload. * Correctly handle whitespaces in HTTP header names as defined by RFC7230#section-3.2.4 (CVE-2019-16869) (Closes: #941266)
Showing
- .github/CONTRIBUTING.md 1 addition, 1 deletion.github/CONTRIBUTING.md
- .gitignore 8 additions, 0 deletions.gitignore
- .lgtm.yml 13 additions, 0 deletions.lgtm.yml
- CONTRIBUTING.md 1 addition, 1 deletionCONTRIBUTING.md
- NOTICE.txt 28 additions, 3 deletionsNOTICE.txt
- README.md 5 additions, 5 deletionsREADME.md
- all/pom.xml 67 additions, 16 deletionsall/pom.xml
- bom/pom.xml 38 additions, 38 deletionsbom/pom.xml
- buffer/pom.xml 1 addition, 1 deletionbuffer/pom.xml
- buffer/src/main/java/io/netty/buffer/AbstractByteBuf.java 107 additions, 76 deletionsbuffer/src/main/java/io/netty/buffer/AbstractByteBuf.java
- buffer/src/main/java/io/netty/buffer/AbstractByteBufAllocator.java 7 additions, 9 deletions...c/main/java/io/netty/buffer/AbstractByteBufAllocator.java
- buffer/src/main/java/io/netty/buffer/AbstractDerivedByteBuf.java 10 additions, 0 deletions...src/main/java/io/netty/buffer/AbstractDerivedByteBuf.java
- buffer/src/main/java/io/netty/buffer/AbstractPooledDerivedByteBuf.java 7 additions, 2 deletions...in/java/io/netty/buffer/AbstractPooledDerivedByteBuf.java
- buffer/src/main/java/io/netty/buffer/AbstractReferenceCountedByteBuf.java 37 additions, 106 deletions...java/io/netty/buffer/AbstractReferenceCountedByteBuf.java
- buffer/src/main/java/io/netty/buffer/AdvancedLeakAwareCompositeByteBuf.java 6 additions, 0 deletions...va/io/netty/buffer/AdvancedLeakAwareCompositeByteBuf.java
- buffer/src/main/java/io/netty/buffer/ByteBuf.java 36 additions, 4 deletionsbuffer/src/main/java/io/netty/buffer/ByteBuf.java
- buffer/src/main/java/io/netty/buffer/ByteBufInputStream.java 13 additions, 8 deletionsbuffer/src/main/java/io/netty/buffer/ByteBufInputStream.java
- buffer/src/main/java/io/netty/buffer/ByteBufOutputStream.java 2 additions, 4 deletions...er/src/main/java/io/netty/buffer/ByteBufOutputStream.java
- buffer/src/main/java/io/netty/buffer/ByteBufUtil.java 86 additions, 45 deletionsbuffer/src/main/java/io/netty/buffer/ByteBufUtil.java
- buffer/src/main/java/io/netty/buffer/CompositeByteBuf.java 256 additions, 163 deletionsbuffer/src/main/java/io/netty/buffer/CompositeByteBuf.java
Loading
Please register or sign in to comment