-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- ------------------------------------------------------------------------- Debian Security Advisory DSA-5316-1
security@debian.org https://www.debian.org/security/ Markus Koschany January 11, 2023
https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : netty
CVE ID : CVE-2021-37136 CVE-2021-37137 CVE-2021-43797 CVE-2022-41881
CVE-2022-41915
Debian Bug : 1027180 1014769 1001437
Several out-of-memory, stack overflow or HTTP request smuggling vulnerabilities have been discovered in Netty, a Java NIO client/server socket framework, which may allow attackers to cause a denial of service or bypass restrictions when used as a proxy.
For the stable distribution (bullseye), these problems have been fixed in version 1:4.1.48-4+deb11u1.
We recommend that you upgrade your netty packages.
For the detailed security status of netty please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/netty
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at:
https://www.debian.org/security/
Mailing list:
debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmO/OTVfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeREBA//QmQrVlx87/n7z5FISY20tNkSxAI3/Xqx9IB/ldRLUw8xcttHoDV13H4K JFKuEP6bdZzdzxXCcYGqNlXPjMJqbH6KIEmjIbCthsnbQfNzSXm86eqeZWl33kEG QA1buF47PeyRzuW93JmS+XpjjOWaXA4/MmP14wOqHyu/sorRc4aN5R0/ea+cUSW4 a7Zvb/m/gM5dLm1m88do5oBgJsynZM0fCfLi/Lz2vvSKKap/DJaCcK9sjvyzCRlb 8OqtE+B5eejUIGcBF2TD5BZiZLY5ZIqPBEUZO5g+WMnPRWNUaU/lYqKuTPPlU72A ZUeysGlAyhbPueEd5cIXG7jYUt07VRUFixinXHukhErzWtQU28mY7mA50If+wabO 9Pj/6/76St0XFWWxRNPYFCXeM7oSNdvC8DA7oNahpBMDSP/bJSc+sDdwjp41PjKj zKKHraQMtOCDOWmqeWJUfUdqVa2ptSjUZ/oGBsW4CUkesoS03YAAtGasxlpfhR2o 43V0e7/9YmiBI1ZkpqIZ4vU7siqE6NzCMmvdtYaTQD66P0CJ3FCC/OdSdKSRp0HN Z45D6hUUZdJLJrO8gGfLfZo9aABTlOSuRUcdHLBqOVUUjz7wqlQHH2d63ytf9X93 ATsBST3G5fY5ssKcyxHFtDAsqgbokkCLJ0D7TFM4cY+E7ywpq+I=
=jx2O
-----END PGP SIGNATURE-----
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)