On Wed, 19 Aug 2015 16:59:58 +0200 Moritz Muehlenhoff
wrote:
> This was assigned CVE-2015-2156:
> http://netty.io/news/2015/05/08/3-9-8-Final-and-3.html
I got a look at this issue, the packages depending on libnetty-java in
squeeze/wheezy/jessie do not use the CookieDecoder and aren't affected
b
Le Thu, Aug 20, 2015 at 05:27:34PM +0200, Emmanuel Bourg a écrit :
> Le 20/08/2015 13:40, Charles Plessy a écrit :
>
> > Is that because of incompatibility ? If libnetty-java is still needed,
> > would
> > it be possible to transfer it under the umbrella of the Debian Java team ?
>
> Hi Charles
Le 20/08/2015 13:40, Charles Plessy a écrit :
> Is that because of incompatibility ? If libnetty-java is still needed, would
> it be possible to transfer it under the umbrella of the Debian Java team ?
Hi Charles,
I did the transfer to libnetty-3.9-java and I'm working on packaging
netty 4.x. I
Le Wed, Aug 19, 2015 at 04:59:58PM +0200, Moritz Muehlenhoff a écrit :
> Source: netty
> Severity: grave
> Tags: security
>
> This was assigned CVE-2015-2156:
> http://netty.io/news/2015/05/08/3-9-8-Final-and-3.html
>
> Fix:
> https://github.com/slandelle/netty/commit/800555417e77029dcf8a31d7de44
Source: netty
Severity: grave
Tags: security
This was assigned CVE-2015-2156:
http://netty.io/news/2015/05/08/3-9-8-Final-and-3.html
Fix:
https://github.com/slandelle/netty/commit/800555417e77029dcf8a31d7de44f27b5a8f79b8.patch
In addition to src:netty (3.2.6), there's also src:netty-3.9 (3.9.0)
5 matches
Mail list logo
