Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.4
netty.23695
netty.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File netty.changes of Package netty.23695
------------------------------------------------------------------- Fri Apr 8 07:27:55 UTC 2022 - Fridrich Strba <fstrba@suse.com> - Upgrade to latest upstream version 4.1.75 - Modified patches: * 0001-Remove-optional-dep-Blockhound.patch * 0002-Remove-optional-dep-conscrypt.patch * 0003-Remove-optional-deps-jetty-alpn-and-npn.patch * 0004-Remove-optional-dep-tcnative.patch * 0005-Remove-optional-dep-log4j.patch * 0006-revert-Fix-native-image-build.patch * 0007-Revert-Support-session-cache-for-client-and-server-w.patch + rebase ------------------------------------------------------------------- Tue Feb 22 18:27:07 UTC 2022 - Fridrich Strba <fstrba@suse.com> - Do not build against the log4j12 packages ------------------------------------------------------------------- Tue Dec 14 06:31:10 UTC 2021 - Fridrich Strba <fstrba@suse.com> - Upgrade to latest upstream version 4.1.72 * fixes: bsc#1190610, CVE-2021-37136: Bzip2Decoder doesn't allow setting size restrictions for decompressed data * fixes: bsc#1190613, CVE-2021-37137: SnappyFrameDecoder doesn't restrict chunk length any may buffer skippable chunks in an unnecessary way * fixes: bsc#1193672, CVE-2021-43797: possible HTTP request smuggling due to insufficient validation against control characters - Modified patches: * 0001-Remove-optional-dep-Blockhound.patch * 0002-Remove-optional-dep-conscrypt.patch * 0003-Remove-optional-deps-jetty-alpn-and-npn.patch * 0004-Remove-optional-dep-tcnative.patch * 0005-Remove-optional-dep-log4j.patch * 0006-revert-Fix-native-image-build.patch * 0007-Revert-Support-session-cache-for-client-and-server-w.patch * no-werror.patch + rediff to changed context - Added patch: * no-brotli-zstd.patch + disable Brotli and Zstd compression, since we lack the dependencies needed to build them ------------------------------------------------------------------- Fri Mar 12 08:31:56 UTC 2021 - Fridrich Strba <fstrba@suse.com> - Upgrade to latest upstream version 4.1.60 * fixes: bsc#1183262, CVE-2021-21295: HTTP/2 request Content-Length header field is not validated by 'Http2MultiplexHandler' - Modified patches: * 0001-Remove-optional-dep-Blockhound.patch * 0002-Remove-optional-dep-conscrypt.patch * 0003-Remove-optional-deps-jetty-alpn-and-npn.patch * 0004-Remove-optional-dep-tcnative.patch * 0005-Remove-optional-dep-log4j.patch * 0006-revert-Fix-native-image-build.patch + rediff to changed context - Added patch: * 0007-Revert-Support-session-cache-for-client-and-server-w.patch + revert optional disabled cache implementation that conflicts with our 0004-Remove-optional-dep-tcnative.patch ------------------------------------------------------------------- Thu Feb 11 12:00:22 UTC 2021 - Fridrich Strba <fstrba@suse.com> - Upgrade to latest upstream version 4.1.59 - Removed patches: * netty-CVE-2020-11612.patch * netty-CVE-2021-21290.patch + fixes integrated in the upstream sources * 0001-Remove-OpenSSL-parts-depending-on-tcnative.patch * 0002-Remove-NPN.patch * 0003-Remove-conscrypt-ALPN.patch * 0004-Remove-jetty-ALPN.patch + replaced by new patches - Added patches: * 0001-Remove-optional-dep-Blockhound.patch * 0002-Remove-optional-dep-conscrypt.patch * 0003-Remove-optional-deps-jetty-alpn-and-npn.patch * 0004-Remove-optional-dep-tcnative.patch * 0005-Remove-optional-dep-log4j.patch + remove various optional dependencies that we do not need * 0006-revert-Fix-native-image-build.patch + Revert changes that introduce a new dependency that we do not have * no-werror.patch + Do not treat warnings as errors - Build -poms and -javadoc as noarch packages, since they do not install anything in arch-dependent directories ------------------------------------------------------------------- Thu Feb 11 09:20:25 UTC 2021 - Fridrich Strba <fstrba@suse.com> - Added patch: * netty-CVE-2021-21290.patch + bsc#1182103, CVE-2021-21290 ------------------------------------------------------------------- Thu Apr 9 07:54:00 UTC 2020 - Fridrich Strba <fstrba@suse.com> - Added patch: * netty-CVE-2020-11612.patch + bsc#1168932, CVE-2020-11612 + bsc#1169082, CVE-2020-10707 ------------------------------------------------------------------- Thu Jan 9 15:14:41 UTC 2020 - Fridrich Strba <fstrba@suse.com> - Split pom-only artifacts into a subpackage netty-pom in order to generate their dependencies correctly ------------------------------------------------------------------- Wed Nov 13 19:18:57 UTC 2019 - Fridrich Strba <fstrba@suse.com> - Initial packaging of netty 4.1.13
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor