AArch64 | |
ppc64le | |
s390x | |
x86-64 |
- Upgrade to latest upstream version 4.1.60 * fixes: bsc#1183262, CVE-2021-21295: HTTP/2 request Content-Length header field is not validated by 'Http2MultiplexHandler' - Modified patches: * 0001-Remove-optional-dep-Blockhound.patch * 0002-Remove-optional-dep-conscrypt.patch * 0003-Remove-optional-deps-jetty-alpn-and-npn.patch * 0004-Remove-optional-dep-tcnative.patch * 0005-Remove-optional-dep-log4j.patch * 0006-revert-Fix-native-image-build.patch + rediff to changed context - Added patch: * 0007-Revert-Support-session-cache-for-client-and-server-w.patch + revert optional disabled cache implementation that conflicts with our 0004-Remove-optional-dep-tcnative.patch
- Added patch: * netty-CVE-2020-11612.patch + bsc#1168932, CVE-2020-11612 + bsc#1169082, CVE-2020-10707
- Split pom-only artifacts into a subpackage netty-pom in order to generate their dependencies correctly
- Initial packaging of netty 4.1.13
- Upgrade to upstream version 4.1.100 * Fixes of 4.1.100: + DDoS vector in the HTTP/2 protocol due RST frames (bsc#1216169, CVE-2023-44487) + Do not fail when compressing empty HttpContent * Fixes of 4.1.99: + Do not try to delete a global handle with the local handles APIs + Enable build with JDK21 + dyld: lazy symbol binding failed: Symbol not found: _netty_jni_util_JNI_OnLoad * Fixes of 4.1.98: + Revert "HttpHeaderValidationUtil should reject chars past the 1 byte range" + Filter out unresolved addresses when parsing resolv.conf + Prevent classloader leak via JNI + SSLSession.getPeerCertificateChain() should throw UnsupportedOperationException if javax.security.cert .X509Certificate can not be created + Enable client side session cache when using native SSL by default * Fixes of 4.1.97: + Fixing AsciiString#lastIndexOf To Respect The offset + Add support for snappy http2 content decompression + Add support for password-based encryption scheme 2 params + HttpHeaderValidationUtil should reject chars past the 1 byte range + Honor SslHandler.setWrapDataSize greater than SSL packet length + Add support for snappy http content encoding * Fixes of 4.1.96: + Move the PoolThreadCache finalizer to a separate object + Fix kevent(..) failed: Invalid argument + Revert "Always increment Stream Id on createStream" to fix bug which caused sending multiple RST frames for the same id * Fixes of 4.1.95 + Add resource leak listener + Reduce object allocations during SslHandler.flush(...) + Ensure ByteBuf.capacity(...) will never throw AssertionError + Make transport.Bootstrap usable with no netty-resolver on classpath + Correctly retain slice when calling ReplayingDecoderByteBuf.retainedSlice(...) + Always increment Stream Id on createStream(...) + Fix BrotliEncoder bug that does not mark ByteBuf it encodes a read + Enhance CertificateException message when throw due hostname validation - Rebased patches: * 0001-Remove-optional-dep-Blockhound.patch * 0002-Remove-optional-dep-conscrypt.patch * 0003-Remove-optional-deps-jetty-alpn-and-npn.patch * 0004-Disable-Brotli-and-ZStd-compression.patch * 0005-Do-not-use-the-Graal-annotations.patch * 0006-Do-not-use-the-Jetbrains-annotations.patch * 0007-Do-not-require-the-tcnative-native-library.patch
- Reproducible builds: use SOURCE_DATE_EPOCH for timestamp