AArch64 | |
ppc64le | |
s390x | |
x86-64 |
- Upgrade to latest upstream version 4.1.75 - Modified patches: * 0001-Remove-optional-dep-Blockhound.patch * 0002-Remove-optional-dep-conscrypt.patch * 0003-Remove-optional-deps-jetty-alpn-and-npn.patch * 0004-Remove-optional-dep-tcnative.patch * 0005-Remove-optional-dep-log4j.patch * 0006-revert-Fix-native-image-build.patch * 0007-Revert-Support-session-cache-for-client-and-server-w.patch + rebase
- Do not build against the log4j12 packages
- Upgrade to latest upstream version 4.1.72 * fixes: bsc#1190610, CVE-2021-37136: Bzip2Decoder doesn't allow setting size restrictions for decompressed data * fixes: bsc#1190613, CVE-2021-37137: SnappyFrameDecoder doesn't restrict chunk length any may buffer skippable chunks in an unnecessary way * fixes: bsc#1193672, CVE-2021-43797: possible HTTP request smuggling due to insufficient validation against control characters * fixes: bsc#1184203, CVE-2021-21409: request smuggling via content-length header - Modified patches: * 0001-Remove-optional-dep-Blockhound.patch * 0002-Remove-optional-dep-conscrypt.patch * 0003-Remove-optional-deps-jetty-alpn-and-npn.patch * 0004-Remove-optional-dep-tcnative.patch * 0005-Remove-optional-dep-log4j.patch * 0006-revert-Fix-native-image-build.patch * 0007-Revert-Support-session-cache-for-client-and-server-w.patch * no-werror.patch + rediff to changed context - Added patch: * no-brotli-zstd.patch + disable Brotli and Zstd compression, since we lack the dependencies needed to build them
- Upgrade to latest upstream version 4.1.59 - Removed patches: * netty-CVE-2020-11612.patch * netty-CVE-2021-21290.patch + fixes integrated in the upstream sources * 0001-Remove-OpenSSL-parts-depending-on-tcnative.patch * 0002-Remove-NPN.patch * 0003-Remove-conscrypt-ALPN.patch * 0004-Remove-jetty-ALPN.patch + replaced by new patches - Added patches: * 0001-Remove-optional-dep-Blockhound.patch * 0002-Remove-optional-dep-conscrypt.patch * 0003-Remove-optional-deps-jetty-alpn-and-npn.patch * 0004-Remove-optional-dep-tcnative.patch * 0005-Remove-optional-dep-log4j.patch + remove various optional dependencies that we do not need * 0006-revert-Fix-native-image-build.patch + Revert changes that introduce a new dependency that we do not have * no-werror.patch + Do not treat warnings as errors - Build -poms and -javadoc as noarch packages, since they do not install anything in arch-dependent directories
- Added patch: * netty-CVE-2021-21290.patch + bsc#1182103, CVE-2021-21290
- Upgrade to latest upstream version 4.1.60 * fixes: bsc#1183262, CVE-2021-21295: HTTP/2 request Content-Length header field is not validated by 'Http2MultiplexHandler' - Modified patches: * 0001-Remove-optional-dep-Blockhound.patch * 0002-Remove-optional-dep-conscrypt.patch * 0003-Remove-optional-deps-jetty-alpn-and-npn.patch * 0004-Remove-optional-dep-tcnative.patch * 0005-Remove-optional-dep-log4j.patch * 0006-revert-Fix-native-image-build.patch + rediff to changed context - Added patch: * 0007-Revert-Support-session-cache-for-client-and-server-w.patch + revert optional disabled cache implementation that conflicts with our 0004-Remove-optional-dep-tcnative.patch
- Added patch: * netty-CVE-2020-11612.patch + bsc#1168932, CVE-2020-11612 + bsc#1169082, CVE-2020-10707
- Split pom-only artifacts into a subpackage netty-pom in order to generate their dependencies correctly
- Initial packaging of netty 4.1.13
- Upgrade to upstream version 4.1.100 * Fixes of 4.1.100: + DDoS vector in the HTTP/2 protocol due RST frames (bsc#1216169, CVE-2023-44487) + Do not fail when compressing empty HttpContent * Fixes of 4.1.99: + Do not try to delete a global handle with the local handles APIs + Enable build with JDK21 + dyld: lazy symbol binding failed: Symbol not found: _netty_jni_util_JNI_OnLoad * Fixes of 4.1.98: + Revert "HttpHeaderValidationUtil should reject chars past the 1 byte range" + Filter out unresolved addresses when parsing resolv.conf + Prevent classloader leak via JNI + SSLSession.getPeerCertificateChain() should throw UnsupportedOperationException if javax.security.cert .X509Certificate can not be created + Enable client side session cache when using native SSL by default * Fixes of 4.1.97: + Fixing AsciiString#lastIndexOf To Respect The offset + Add support for snappy http2 content decompression + Add support for password-based encryption scheme 2 params + HttpHeaderValidationUtil should reject chars past the 1 byte range + Honor SslHandler.setWrapDataSize greater than SSL packet length + Add support for snappy http content encoding * Fixes of 4.1.96: + Move the PoolThreadCache finalizer to a separate object + Fix kevent(..) failed: Invalid argument + Revert "Always increment Stream Id on createStream" to fix bug which caused sending multiple RST frames for the same id * Fixes of 4.1.95 + Add resource leak listener + Reduce object allocations during SslHandler.flush(...) + Ensure ByteBuf.capacity(...) will never throw AssertionError + Make transport.Bootstrap usable with no netty-resolver on classpath + Correctly retain slice when calling ReplayingDecoderByteBuf.retainedSlice(...) + Always increment Stream Id on createStream(...) + Fix BrotliEncoder bug that does not mark ByteBuf it encodes a read + Enhance CertificateException message when throw due hostname validation - Rebased patches: * 0001-Remove-optional-dep-Blockhound.patch * 0002-Remove-optional-dep-conscrypt.patch * 0003-Remove-optional-deps-jetty-alpn-and-npn.patch * 0004-Disable-Brotli-and-ZStd-compression.patch * 0005-Do-not-use-the-Graal-annotations.patch * 0006-Do-not-use-the-Jetbrains-annotations.patch * 0007-Do-not-require-the-tcnative-native-library.patch
- Reproducible builds: use SOURCE_DATE_EPOCH for timestamp
- Added patch: * netty-CVE-2021-21295.patch + backport of upstream fixes for bsc#1183262, CVE-2021-21295: HTTP/2 request Content-Length header field is not validated by 'Http2MultiplexHandler'
- Added patch: * netty-CVE-2020-11612.patch + bsc#1168932, CVE-2020-11612 + bsc#1169082, CVE-2020-10707
- Split pom-only artifacts into a subpackage netty-pom in order to generate their dependencies correctly
- Initial packaging of netty 4.1.13