Information on source package netty

Available versions

ReleaseVersion
stretch1:4.1.7-2+deb9u1
stretch (security)1:4.1.7-2+deb9u2
buster1:4.1.33-1+deb10u1
bullseye1:4.1.48-1
sid1:4.1.48-1

Open issues

BugstretchbusterbullseyesidDescription
CVE-2020-7238fixedvulnerablefixedfixedNetty 4.1.43.Final allows HTTP Request Smuggling because it mishandles ...
CVE-2020-11612fixedvulnerablefixedfixedThe ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded memo ...
CVE-2019-20445fixedvulnerablefixedfixedHttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length ...
CVE-2019-20444fixedvulnerablefixedfixedHttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header th ...

Resolved issues

BugDescription
CVE-2019-16869Netty before 4.1.42.Final mishandles whitespace before the colon in HT ...
CVE-2016-4970handler/ssl/OpenSslEngine.java in Netty 4.0.x before 4.0.37.Final and ...
CVE-2015-2156Netty before 3.9.8.Final, 3.10.x before 3.10.3.Final, 4.0.x before 4.0 ...
CVE-2014-3488The SslHandler in Netty before 3.9.2 allows remote attackers to cause ...
CVE-2014-0193WebSocket08FrameDecoder in Netty 3.6.x before 3.6.9, 3.7.x before 3.7. ...

Security announcements

DSA / DLADescription
DLA-2364-1netty - security update
DLA-2109-1netty - security update
DSA-4597-1netty - security update
DLA-1941-1netty - security update

Search for package or bug name: Reporting problems