SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2023-4163

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2023-4163

Security update for netty, netty-tcnative

Type: security

Severity: important

Issued: 2023-10-24

Description:

This update for netty, netty-tcnative fixes the following issues:

- Updated netty to version 4.1.100:

  - CVE-2023-44487: Fixed a potential denial of service scenario via
    RST frame floods (bsc#1216169).

- Updated netty-tcnative to version 2.0.62 Final.

References

CVE: CVE-2023-44487
Bugzilla: 1216169 VUL-0: netty: protect against DDOS caused by RST floods (CVE-2023-44487)

Packages

netty-4.1.100-150200.4.20.1