SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-4087

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-4087

Security update for netty, netty-tcnative

Type: security

Severity: moderate

Issued: 2025-11-12

Description:

This update for netty, netty-tcnative fixes the following issues:

  - CVE-2025-59419: fixed SMTP command injection vulnerability that allowed email forgery (bsc#1252097)

References

CVE: CVE-2025-59419
Bugzilla: 1252097 VUL-0: CVE-2025-59419: netty,netty3: insufficient input validation for Carriage Return and Line Feed characters in user-supplied parameters allows for SMTP command injection

Packages

netty-4.1.128-150200.4.37.1