Home[1] Files[2] News[3] &[SERVICES_TAB] Contact[4] Add New[5]
- Debian Security Advisory 5316-1[6]
- Authored by Debian[7] | Site debian.org[8]
-
Debian Linux Security Advisory 5316-1 - Several out-of-memory, stack overflow or HTTP request smuggling vulnerabilities have been discovered in Netty, a Java NIO client/server socket framework, which may allow attackers to cause a denial of service or bypass restrictions when used as a proxy.
- systems | linux[9], debian[10]
- advisories | CVE-2021-37136[11], CVE-2021-37137[12], CVE-2021-43797[13], CVE-2022-41881[14], CVE-2022-41915[15]
- SHA-256 |
d79e44dc740a4bdba61067f17bc2f8d1870d872798afcbc0a4bdd6ffab09ccdd
- Download[16] | Favorite[17] | View[18]
Change Mirror[19] Download[20]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-5316-1Cette adresse e-mail est protégée contre les robots spammeurs. Vous devez activer le JavaScript pour la visualiser.
https://www.debian.org/security/ Markus Koschany
January 11, 2023 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : netty
CVE ID : CVE-2021-37136 CVE-2021-37137 CVE-2021-43797 CVE-2022-41881
CVE-2022-41915
Debian Bug : 1027180 1014769 1001437
Several out-of-memory, stack overflow or HTTP request smuggling vulnerabilities
have been discovered in Netty, a Java NIO client/server socket framework, which
may allow attackers to cause a denial of service or bypass restrictions when
used as a proxy.
For the stable distribution (bullseye), these problems have been fixed in
version 1:4.1.48-4+deb11u1.
We recommend that you upgrade your netty packages.
For the detailed security status of netty please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/netty
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list:Cette adresse e-mail est protégée contre les robots spammeurs. Vous devez activer le JavaScript pour la visualiser.
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmO/OTVfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeREBA//QmQrVlx87/n7z5FISY20tNkSxAI3/Xqx9IB/ldRLUw8xcttHoDV13H4K
JFKuEP6bdZzdzxXCcYGqNlXPjMJqbH6KIEmjIbCthsnbQfNzSXm86eqeZWl33kEG
QA1buF47PeyRzuW93JmS+XpjjOWaXA4/MmP14wOqHyu/sorRc4aN5R0/ea+cUSW4
a7Zvb/m/gM5dLm1m88do5oBgJsynZM0fCfLi/Lz2vvSKKap/DJaCcK9sjvyzCRlb
8OqtE+B5eejUIGcBF2TD5BZiZLY5ZIqPBEUZO5g+WMnPRWNUaU/lYqKuTPPlU72A
ZUeysGlAyhbPueEd5cIXG7jYUt07VRUFixinXHukhErzWtQU28mY7mA50If+wabO
9Pj/6/76St0XFWWxRNPYFCXeM7oSNdvC8DA7oNahpBMDSP/bJSc+sDdwjp41PjKj
zKKHraQMtOCDOWmqeWJUfUdqVa2ptSjUZ/oGBsW4CUkesoS03YAAtGasxlpfhR2o
43V0e7/9YmiBI1ZkpqIZ4vU7siqE6NzCMmvdtYaTQD66P0CJ3FCC/OdSdKSRp0HN
Z45D6hUUZdJLJrO8gGfLfZo9aABTlOSuRUcdHLBqOVUUjz7wqlQHH2d63ytf9X93
ATsBST3G5fY5ssKcyxHFtDAsqgbokkCLJ0D7TFM4cY+E7ywpq+I=
=jx2O
-----END PGP SIGNATURE-----
File Tags
- ActiveX[25] (932)
- Advisory[26] (79,858)
- Arbitrary[27] (15,732)
- BBS[28] (2,859)
- Bypass[29] (1,624)
- CGI[30] (1,018)
- Code Execution[31] (6,953)
- Conference[32] (674)
- Cracker[33] (840)
- CSRF[34] (3,293)
- DoS[35] (22,643)
- Encryption[36] (2,353)
- Exploit[37] (50,436)
- File Inclusion[38] (4,166)
- File Upload[39] (948)
- Firewall[40] (821)
- Info Disclosure[41] (2,665)
- Intrusion Detection[42] (868)
- Java[43] (2,910)
- JavaScript[44] (823)
- Kernel[45] (6,319)
- Local[46] (14,214)
- Magazine[47] (586)
- Overflow[48] (12,437)
- Perl[49] (1,418)
- PHP[50] (5,097)
- Proof of Concept[51] (2,293)
- Protocol[52] (3,439)
- Python[53] (1,468)
- Remote[54] (30,088)
- Root[55] (3,506)
- Rootkit[56] (501)
- Ruby[57] (595)
- Scanner[58] (1,633)
- Security Tool[59] (7,793)
- Shell[60] (3,110)
- Shellcode[61] (1,206)
- Sniffer[62] (887)
- Spoof[63] (2,172)
- SQL Injection[64] (16,118)
- TCP[65] (2,382)
- Trojan[66] (686)
- UDP[67] (878)
- Virus[68] (662)
- Vulnerability[69] (31,177)
- Web[70] (9,382)
- Whitepaper[71] (3,732)
- x86[72] (946)
- XSS[73] (17,503)
- Other[74]
File Archives
- January 2023[75]
- December 2022[76]
- November 2022[77]
- October 2022[78]
- September 2022[79]
- August 2022[80]
- July 2022[81]
- June 2022[82]
- May 2022[83]
- April 2022[84]
- March 2022[85]
- February 2022[86]
- Older[87]
Systems
- AIX[88] (426)
- Apple[89] (1,935)
- BSD[90] (370)
- CentOS[91] (55)
- Cisco[92] (1,917)
- Debian[93] (6,649)
- Fedora[94] (1,690)
- FreeBSD[95] (1,242)
- Gentoo[96] (4,288)
- HPUX[97] (878)
- iOS[98] (333)
- iPhone[99] (108)
- IRIX[100] (220)
- Juniper[101] (67)
- Linux[102] (44,417)
- Mac OS X[103] (684)
- Mandriva[104] (3,105)
- NetBSD[105] (255)
- OpenBSD[106] (479)
- RedHat[107] (12,506)
- Slackware[108] (941)
- Solaris[109] (1,607)
- SUSE[110] (1,444)
- Ubuntu[111] (8,226)
- UNIX[112] (9,174)
- UnixWare[113] (185)
- Windows[114] (6,512)
- Other[115]
Read more https://packetstormsecurity.com/files/170498/dsa-5316-1.txt