[Git][java-team/netty][buster] 9 commits: Add patches

Markus Koschany (@apo) gitlab at salsa.debian.org
Wed Jan 11 21:53:10 GMT 2023



Markus Koschany pushed to branch buster at Debian Java Maintainers / netty


Commits:
1ebd590a by Markus Koschany at 2023-01-02T09:42:22+01:00
Add patches

- - - - -
85618c01 by Markus Koschany at 2023-01-02T09:43:06+01:00
Refresh the patches

- - - - -
4761cdad by Markus Koschany at 2023-01-02T09:43:42+01:00
Remove CVE-2021-43797.patch

- - - - -
8d97834c by Markus Koschany at 2023-01-02T09:55:04+01:00
Remove 2022 CVE patches

- - - - -
2ad1a10b by Markus Koschany at 2023-01-10T23:40:57+01:00
add patches

- - - - -
ed973871 by Markus Koschany at 2023-01-10T23:41:33+01:00
Update changelog

- - - - -
629d543f by Markus Koschany at 2023-01-11T22:06:09+01:00
Update changelog

- - - - -
8c2ee800 by Markus Koschany at 2023-01-11T22:25:32+01:00
Update patch headers

- - - - -
95a58605 by Markus Koschany at 2023-01-11T22:37:54+01:00
Update CVE-2022-41915.patch

- - - - -


19 changed files:

- debian/changelog
- debian/patches/01-ignore-npn.patch
- debian/patches/07-netty-all-epoll-dependency.patch
- debian/patches/08-codegen-without-groovy-plugin.patch
- debian/patches/13-ignore-conscrypt.patch
- debian/patches/CVE-2019-20444.patch
- debian/patches/CVE-2019-20445_1.patch
- debian/patches/CVE-2019-20445_2.patch
- debian/patches/CVE-2019-20445_3.patch
- debian/patches/CVE-2020-11612.patch
- debian/patches/CVE-2021-21290.patch
- debian/patches/CVE-2021-21295.patch
- debian/patches/CVE-2021-21409.patch
- + debian/patches/CVE-2021-37136.patch
- + debian/patches/CVE-2021-37137.patch
- + debian/patches/CVE-2021-43797.patch
- + debian/patches/CVE-2022-41881.patch
- + debian/patches/CVE-2022-41915.patch
- debian/patches/series


Changes:

=====================================
debian/changelog
=====================================
@@ -1,3 +1,14 @@
+netty (1:4.1.33-1+deb10u3) buster-security; urgency=high
+
+  * Team upload.
+  * Fix CVE-2021-37136, CVE-2021-37137, CVE-2021-43797, CVE-2022-41881 and
+    CVE-2022-41915. Several out-of-memory, stack overflow or HTTP request
+    smuggling vulnerabilities have been discovered in Netty which may allow
+    attackers to cause a denial of service or bypass restrictions when used as
+    a proxy.
+
+ -- Markus Koschany <apo at debian.org>  Tue, 10 Jan 2023 23:41:29 +0100
+
 netty (1:4.1.33-1+deb10u2) buster-security; urgency=high
 
   * Team upload.


=====================================
debian/patches/01-ignore-npn.patch
=====================================
@@ -45,7 +45,7 @@ Forwarded: not-needed
  
 --- a/handler/src/main/java/io/netty/handler/ssl/JdkSslContext.java
 +++ b/handler/src/main/java/io/netty/handler/ssl/JdkSslContext.java
-@@ -383,6 +383,7 @@
+@@ -383,6 +383,7 @@ public class JdkSslContext extends SslCo
          switch(config.protocol()) {
          case NONE:
              return JdkDefaultApplicationProtocolNegotiator.INSTANCE;
@@ -53,7 +53,7 @@ Forwarded: not-needed
          case ALPN:
              if (isServer) {
                  switch(config.selectorFailureBehavior()) {
-@@ -427,6 +428,7 @@
+@@ -427,6 +428,7 @@ public class JdkSslContext extends SslCo
                      .append(config.selectorFailureBehavior()).append(" failure behavior").toString());
                  }
              }


=====================================
debian/patches/07-netty-all-epoll-dependency.patch
=====================================
@@ -7,7 +7,7 @@ Forwarded: not-needed
 @@ -91,28 +91,6 @@
        </dependencies>
      </profile>
-
+ 
 -    <!-- The linux profile will only include the native jar for epol to the all jar.
 -         If you want to also include the native jar for kqueue use -Puber.
 -    -->


=====================================
debian/patches/08-codegen-without-groovy-plugin.patch
=====================================
@@ -15,7 +15,7 @@ Forwarded: not-needed
  
  templateDirs.eachWithIndex { templateDir, i ->
      convertSources templateDir, outputDirs[i]
-@@ -26,6 +26,7 @@
+@@ -26,6 +26,7 @@ void convertTemplates(String templateDir
      def replaceFrom = "(^.*)K([^.]+)\\.template\$"
      def replaceTo = "\\1" + keyName + "\\2.java"
      def hashCodeFn = keyPrimitive.equals("long") ? "(int) (key ^ (key >>> 32))" : "(int) key"


=====================================
debian/patches/13-ignore-conscrypt.patch
=====================================
@@ -13,7 +13,7 @@ Forwarded: not-needed
        </plugin>
 --- a/handler/src/main/java/io/netty/handler/ssl/SslHandler.java
 +++ b/handler/src/main/java/io/netty/handler/ssl/SslHandler.java
-@@ -243,48 +243,6 @@
+@@ -243,48 +243,6 @@ public class SslHandler extends ByteToMe
                  return ((ReferenceCountedOpenSslEngine) engine).jdkCompatibilityMode;
              }
          },
@@ -62,7 +62,7 @@ Forwarded: not-needed
          JDK(false, MERGE_CUMULATOR) {
              @Override
              SSLEngineResult unwrap(SslHandler handler, ByteBuf in, int readerIndex, int len, ByteBuf out)
-@@ -330,8 +288,7 @@
+@@ -330,8 +288,7 @@ public class SslHandler extends ByteToMe
          };
  
          static SslEngineType forEngine(SSLEngine engine) {
@@ -74,7 +74,7 @@ Forwarded: not-needed
          SslEngineType(boolean wantsDirectBuffer, Cumulator cumulator) {
 --- a/handler/src/main/java/io/netty/handler/ssl/JdkAlpnApplicationProtocolNegotiator.java
 +++ b/handler/src/main/java/io/netty/handler/ssl/JdkAlpnApplicationProtocolNegotiator.java
-@@ -27,7 +27,7 @@
+@@ -27,7 +27,7 @@ import javax.net.ssl.SSLEngine;
   */
  @Deprecated
  public final class JdkAlpnApplicationProtocolNegotiator extends JdkBaseApplicationProtocolNegotiator {


=====================================
debian/patches/CVE-2019-20444.patch
=====================================
@@ -9,11 +9,9 @@ Origin: https://github.com/netty/netty/commit/a7c18d44b46e02dadfe3da225a06e5091f
  .../netty/handler/codec/http/HttpRequestDecoderTest.java | 16 ++++++++++++++++
  2 files changed, 21 insertions(+)
 
-diff --git a/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java b/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java
-index 2e940d2..d3f5b79 100644
 --- a/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java
 +++ b/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java
-@@ -755,6 +755,11 @@ public abstract class HttpObjectDecoder extends ByteToMessageDecoder {
+@@ -755,6 +755,11 @@ public abstract class HttpObjectDecoder
              }
          }
  
@@ -25,8 +23,6 @@ index 2e940d2..d3f5b79 100644
          for (colonEnd = nameEnd; colonEnd < length; colonEnd ++) {
              if (sb.charAt(colonEnd) == ':') {
                  colonEnd ++;
-diff --git a/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java b/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java
-index 2b2d0cc..414a033 100644
 --- a/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java
 +++ b/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java
 @@ -334,4 +334,20 @@ public class HttpRequestDecoderTest {


=====================================
debian/patches/CVE-2019-20445_1.patch
=====================================
@@ -11,11 +11,9 @@ Origin: https://github.com/netty/netty/commit/8494b046ec7e4f28dbd44bc699cc4c4c92
  .../handler/codec/http/HttpRequestDecoderTest.java | 64 +++++++++++++++++++---
  2 files changed, 99 insertions(+), 15 deletions(-)
 
-diff --git a/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java b/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java
-index d3f5b79..0a9ea14 100644
 --- a/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java
 +++ b/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java
-@@ -609,23 +609,61 @@ public abstract class HttpObjectDecoder extends ByteToMessageDecoder {
+@@ -609,23 +609,61 @@ public abstract class HttpObjectDecoder
          if (name != null) {
              headers.add(name, value);
          }
@@ -83,8 +81,6 @@ index d3f5b79..0a9ea14 100644
      }
  
      private long contentLength() {
-diff --git a/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java b/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java
-index 414a033..717b580 100644
 --- a/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java
 +++ b/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java
 @@ -323,29 +323,75 @@ public class HttpRequestDecoderTest {


=====================================
debian/patches/CVE-2019-20445_2.patch
=====================================
@@ -8,11 +8,9 @@ Origin: https://github.com/netty/netty/commit/629034624626b722128e0fcc6b3ec9d406
  .../handler/codec/http/HttpRequestDecoderTest.java | 10 +++++-
  2 files changed, 36 insertions(+), 16 deletions(-)
 
-diff --git a/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java b/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java
-index 0a9ea14..f81880c 100644
 --- a/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java
 +++ b/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java
-@@ -641,23 +641,9 @@ public abstract class HttpObjectDecoder extends ByteToMessageDecoder {
+@@ -641,23 +641,9 @@ public abstract class HttpObjectDecoder
              HttpUtil.setTransferEncodingChunked(message, false);
              return State.SKIP_CONTROL_CHARS;
          } else if (HttpUtil.isTransferEncodingChunked(message)) {
@@ -37,7 +35,7 @@ index 0a9ea14..f81880c 100644
              return State.READ_CHUNK_SIZE;
          } else if (contentLength() >= 0) {
              return State.READ_FIXED_LENGTH_CONTENT;
-@@ -666,6 +652,32 @@ public abstract class HttpObjectDecoder extends ByteToMessageDecoder {
+@@ -666,6 +652,32 @@ public abstract class HttpObjectDecoder
          }
      }
  
@@ -70,8 +68,6 @@ index 0a9ea14..f81880c 100644
      private long contentLength() {
          if (contentLength == Long.MIN_VALUE) {
              contentLength = HttpUtil.getContentLength(message, -1L);
-diff --git a/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java b/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java
-index 717b580..5aa6fec 100644
 --- a/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java
 +++ b/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java
 @@ -385,7 +385,15 @@ public class HttpRequestDecoderTest {


=====================================
debian/patches/CVE-2019-20445_3.patch
=====================================
@@ -7,8 +7,6 @@ Origin: https://github.com/netty/netty/commit/5f68897880467c00f29495b0aa46ed19bf
  .../handler/codec/http/HttpRequestDecoderTest.java | 25 +++++++++++++++++++++-
  1 file changed, 24 insertions(+), 1 deletion(-)
 
-diff --git a/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java b/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java
-index 5aa6fec..9a8912f 100644
 --- a/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java
 +++ b/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java
 @@ -325,7 +325,30 @@ public class HttpRequestDecoderTest {


=====================================
debian/patches/CVE-2020-11612.patch
=====================================
@@ -14,11 +14,9 @@ Origin: https://github.com/netty/netty/commit/1543218d3e7afcb33a90b728b14370395a
  .../netty/handler/codec/compression/ZlibTest.java  | 57 +++++++++++++++++-
  8 files changed, 247 insertions(+), 21 deletions(-)
 
-diff --git a/codec/src/main/java/io/netty/handler/codec/compression/JZlibDecoder.java b/codec/src/main/java/io/netty/handler/codec/compression/JZlibDecoder.java
-index 5d23bb8..ab01e56 100644
 --- a/codec/src/main/java/io/netty/handler/codec/compression/JZlibDecoder.java
 +++ b/codec/src/main/java/io/netty/handler/codec/compression/JZlibDecoder.java
-@@ -18,6 +18,7 @@ package io.netty.handler.codec.compression;
+@@ -18,6 +18,7 @@ package io.netty.handler.codec.compressi
  import com.jcraft.jzlib.Inflater;
  import com.jcraft.jzlib.JZlib;
  import io.netty.buffer.ByteBuf;
@@ -26,7 +24,7 @@ index 5d23bb8..ab01e56 100644
  import io.netty.channel.ChannelHandlerContext;
  
  import java.util.List;
-@@ -34,7 +35,21 @@ public class JZlibDecoder extends ZlibDecoder {
+@@ -34,7 +35,21 @@ public class JZlibDecoder extends ZlibDe
       * @throws DecompressionException if failed to initialize zlib
       */
      public JZlibDecoder() {
@@ -49,7 +47,7 @@ index 5d23bb8..ab01e56 100644
      }
  
      /**
-@@ -43,6 +58,21 @@ public class JZlibDecoder extends ZlibDecoder {
+@@ -43,6 +58,21 @@ public class JZlibDecoder extends ZlibDe
       * @throws DecompressionException if failed to initialize zlib
       */
      public JZlibDecoder(ZlibWrapper wrapper) {
@@ -71,7 +69,7 @@ index 5d23bb8..ab01e56 100644
          if (wrapper == null) {
              throw new NullPointerException("wrapper");
          }
-@@ -53,7 +83,7 @@ public class JZlibDecoder extends ZlibDecoder {
+@@ -53,7 +83,7 @@ public class JZlibDecoder extends ZlibDe
          }
      }
  
@@ -80,7 +78,7 @@ index 5d23bb8..ab01e56 100644
       * Creates a new instance with the specified preset dictionary. The wrapper
       * is always {@link ZlibWrapper#ZLIB} because it is the only format that
       * supports the preset dictionary.
-@@ -61,6 +91,23 @@ public class JZlibDecoder extends ZlibDecoder {
+@@ -61,6 +91,23 @@ public class JZlibDecoder extends ZlibDe
       * @throws DecompressionException if failed to initialize zlib
       */
      public JZlibDecoder(byte[] dictionary) {
@@ -104,7 +102,7 @@ index 5d23bb8..ab01e56 100644
          if (dictionary == null) {
              throw new NullPointerException("dictionary");
          }
-@@ -110,11 +157,11 @@ public class JZlibDecoder extends ZlibDecoder {
+@@ -110,11 +157,11 @@ public class JZlibDecoder extends ZlibDe
              final int oldNextInIndex = z.next_in_index;
  
              // Configure output.
@@ -118,7 +116,7 @@ index 5d23bb8..ab01e56 100644
                      z.avail_out = decompressed.writableBytes();
                      z.next_out = decompressed.array();
                      z.next_out_index = decompressed.arrayOffset() + decompressed.writerIndex();
-@@ -170,4 +217,9 @@ public class JZlibDecoder extends ZlibDecoder {
+@@ -170,4 +217,9 @@ public class JZlibDecoder extends ZlibDe
              z.next_out = null;
          }
      }
@@ -128,8 +126,6 @@ index 5d23bb8..ab01e56 100644
 +        finished = true;
 +    }
  }
-diff --git a/codec/src/main/java/io/netty/handler/codec/compression/JdkZlibDecoder.java b/codec/src/main/java/io/netty/handler/codec/compression/JdkZlibDecoder.java
-index c90cc4b..6665d86 100644
 --- a/codec/src/main/java/io/netty/handler/codec/compression/JdkZlibDecoder.java
 +++ b/codec/src/main/java/io/netty/handler/codec/compression/JdkZlibDecoder.java
 @@ -16,6 +16,7 @@
@@ -140,7 +136,7 @@ index c90cc4b..6665d86 100644
  import io.netty.channel.ChannelHandlerContext;
  
  import java.util.List;
-@@ -64,7 +65,19 @@ public class JdkZlibDecoder extends ZlibDecoder {
+@@ -64,7 +65,19 @@ public class JdkZlibDecoder extends Zlib
       * Creates a new instance with the default wrapper ({@link ZlibWrapper#ZLIB}).
       */
      public JdkZlibDecoder() {
@@ -161,7 +157,7 @@ index c90cc4b..6665d86 100644
      }
  
      /**
-@@ -73,7 +86,20 @@ public class JdkZlibDecoder extends ZlibDecoder {
+@@ -73,7 +86,20 @@ public class JdkZlibDecoder extends Zlib
       * supports the preset dictionary.
       */
      public JdkZlibDecoder(byte[] dictionary) {
@@ -183,7 +179,7 @@ index c90cc4b..6665d86 100644
      }
  
      /**
-@@ -82,18 +108,41 @@ public class JdkZlibDecoder extends ZlibDecoder {
+@@ -82,18 +108,41 @@ public class JdkZlibDecoder extends Zlib
       * supported atm.
       */
      public JdkZlibDecoder(ZlibWrapper wrapper) {
@@ -229,7 +225,7 @@ index c90cc4b..6665d86 100644
          if (wrapper == null) {
              throw new NullPointerException("wrapper");
          }
-@@ -177,7 +226,7 @@ public class JdkZlibDecoder extends ZlibDecoder {
+@@ -177,7 +226,7 @@ public class JdkZlibDecoder extends Zlib
              inflater.setInput(array);
          }
  
@@ -238,7 +234,7 @@ index c90cc4b..6665d86 100644
          try {
              boolean readFooter = false;
              while (!inflater.needsInput()) {
-@@ -208,7 +257,7 @@ public class JdkZlibDecoder extends ZlibDecoder {
+@@ -208,7 +257,7 @@ public class JdkZlibDecoder extends Zlib
                      }
                      break;
                  } else {
@@ -247,20 +243,18 @@ index c90cc4b..6665d86 100644
                  }
              }
  
-@@ -238,6 +287,11 @@ public class JdkZlibDecoder extends ZlibDecoder {
-         }
+@@ -239,6 +288,11 @@ public class JdkZlibDecoder extends Zlib
      }
  
-+    @Override
+     @Override
 +    protected void decompressionBufferExhausted(ByteBuf buffer) {
 +        finished = true;
 +    }
 +
-     @Override
++    @Override
      protected void handlerRemoved0(ChannelHandlerContext ctx) throws Exception {
          super.handlerRemoved0(ctx);
-diff --git a/codec/src/main/java/io/netty/handler/codec/compression/ZlibDecoder.java b/codec/src/main/java/io/netty/handler/codec/compression/ZlibDecoder.java
-index d01bc6b..26fd3e7 100644
+         if (inflater != null) {
 --- a/codec/src/main/java/io/netty/handler/codec/compression/ZlibDecoder.java
 +++ b/codec/src/main/java/io/netty/handler/codec/compression/ZlibDecoder.java
 @@ -16,6 +16,8 @@
@@ -272,11 +266,10 @@ index d01bc6b..26fd3e7 100644
  import io.netty.handler.codec.ByteToMessageDecoder;
  
  /**
-@@ -23,9 +25,72 @@ import io.netty.handler.codec.ByteToMessageDecoder;
-  */
+@@ -24,8 +26,71 @@ import io.netty.handler.codec.ByteToMess
  public abstract class ZlibDecoder extends ByteToMessageDecoder {
  
-+    /**
+     /**
 +     * Maximum allowed size of the decompression buffer.
 +     */
 +    protected final int maxAllocation;
@@ -301,7 +294,7 @@ index d01bc6b..26fd3e7 100644
 +        this.maxAllocation = maxAllocation;
 +    }
 +
-     /**
++    /**
       * Returns {@code true} if and only if the end of the compressed stream
       * has been reached.
       */
@@ -345,11 +338,9 @@ index d01bc6b..26fd3e7 100644
 +    }
 +
  }
-diff --git a/codec/src/test/java/io/netty/handler/codec/compression/JZlibTest.java b/codec/src/test/java/io/netty/handler/codec/compression/JZlibTest.java
-index 28f3919..015559e 100644
 --- a/codec/src/test/java/io/netty/handler/codec/compression/JZlibTest.java
 +++ b/codec/src/test/java/io/netty/handler/codec/compression/JZlibTest.java
-@@ -23,7 +23,7 @@ public class JZlibTest extends ZlibTest {
+@@ -23,7 +23,7 @@ public class JZlibTest extends ZlibTest
      }
  
      @Override
@@ -359,11 +350,9 @@ index 28f3919..015559e 100644
 +        return new JZlibDecoder(wrapper, maxAllocation);
      }
  }
-diff --git a/codec/src/test/java/io/netty/handler/codec/compression/JdkZlibTest.java b/codec/src/test/java/io/netty/handler/codec/compression/JdkZlibTest.java
-index 54a48a9..5ff19f1 100644
 --- a/codec/src/test/java/io/netty/handler/codec/compression/JdkZlibTest.java
 +++ b/codec/src/test/java/io/netty/handler/codec/compression/JdkZlibTest.java
-@@ -38,8 +38,8 @@ public class JdkZlibTest extends ZlibTest {
+@@ -38,8 +38,8 @@ public class JdkZlibTest extends ZlibTes
      }
  
      @Override
@@ -374,11 +363,9 @@ index 54a48a9..5ff19f1 100644
      }
  
      @Test(expected = DecompressionException.class)
-diff --git a/codec/src/test/java/io/netty/handler/codec/compression/ZlibCrossTest1.java b/codec/src/test/java/io/netty/handler/codec/compression/ZlibCrossTest1.java
-index 9e16e1a..3c31274 100644
 --- a/codec/src/test/java/io/netty/handler/codec/compression/ZlibCrossTest1.java
 +++ b/codec/src/test/java/io/netty/handler/codec/compression/ZlibCrossTest1.java
-@@ -23,7 +23,7 @@ public class ZlibCrossTest1 extends ZlibTest {
+@@ -23,7 +23,7 @@ public class ZlibCrossTest1 extends Zlib
      }
  
      @Override
@@ -388,11 +375,9 @@ index 9e16e1a..3c31274 100644
 +        return new JZlibDecoder(wrapper, maxAllocation);
      }
  }
-diff --git a/codec/src/test/java/io/netty/handler/codec/compression/ZlibCrossTest2.java b/codec/src/test/java/io/netty/handler/codec/compression/ZlibCrossTest2.java
-index 8717019..00c6e18 100644
 --- a/codec/src/test/java/io/netty/handler/codec/compression/ZlibCrossTest2.java
 +++ b/codec/src/test/java/io/netty/handler/codec/compression/ZlibCrossTest2.java
-@@ -25,8 +25,8 @@ public class ZlibCrossTest2 extends ZlibTest {
+@@ -25,8 +25,8 @@ public class ZlibCrossTest2 extends Zlib
      }
  
      @Override
@@ -403,8 +388,6 @@ index 8717019..00c6e18 100644
      }
  
      @Test(expected = DecompressionException.class)
-diff --git a/codec/src/test/java/io/netty/handler/codec/compression/ZlibTest.java b/codec/src/test/java/io/netty/handler/codec/compression/ZlibTest.java
-index 7c25ec4..9d79c81 100644
 --- a/codec/src/test/java/io/netty/handler/codec/compression/ZlibTest.java
 +++ b/codec/src/test/java/io/netty/handler/codec/compression/ZlibTest.java
 @@ -15,7 +15,9 @@


=====================================
debian/patches/CVE-2021-21290.patch
=====================================
@@ -18,11 +18,9 @@ Origin: https://github.com/netty/netty/commit/c735357bf29d07856ad171c6611a2e1a0e
  .../io/netty/channel/unix/tests/UnixTestUtils.java   |  3 ++-
  11 files changed, 40 insertions(+), 13 deletions(-)
 
-diff --git a/buffer/src/test/java/io/netty/buffer/AbstractByteBufTest.java b/buffer/src/test/java/io/netty/buffer/AbstractByteBufTest.java
-index 59194ab..2679d1e 100644
 --- a/buffer/src/test/java/io/netty/buffer/AbstractByteBufTest.java
 +++ b/buffer/src/test/java/io/netty/buffer/AbstractByteBufTest.java
-@@ -4487,7 +4487,7 @@ public abstract class AbstractByteBufTest {
+@@ -4487,7 +4487,7 @@ public abstract class AbstractByteBufTes
  
      @Test
      public void testReadBytesAndWriteBytesWithFileChannel() throws IOException {
@@ -31,7 +29,7 @@ index 59194ab..2679d1e 100644
          RandomAccessFile randomAccessFile = null;
          try {
              randomAccessFile = new RandomAccessFile(file, "rw");
-@@ -4530,7 +4530,7 @@ public abstract class AbstractByteBufTest {
+@@ -4530,7 +4530,7 @@ public abstract class AbstractByteBufTes
  
      @Test
      public void testGetBytesAndSetBytesWithFileChannel() throws IOException {
@@ -40,11 +38,9 @@ index 59194ab..2679d1e 100644
          RandomAccessFile randomAccessFile = null;
          try {
              randomAccessFile = new RandomAccessFile(file, "rw");
-diff --git a/buffer/src/test/java/io/netty/buffer/ReadOnlyDirectByteBufferBufTest.java b/buffer/src/test/java/io/netty/buffer/ReadOnlyDirectByteBufferBufTest.java
-index d51ce11..6e40f08 100644
 --- a/buffer/src/test/java/io/netty/buffer/ReadOnlyDirectByteBufferBufTest.java
 +++ b/buffer/src/test/java/io/netty/buffer/ReadOnlyDirectByteBufferBufTest.java
-@@ -286,7 +286,7 @@ public class ReadOnlyDirectByteBufferBufTest {
+@@ -286,7 +286,7 @@ public class ReadOnlyDirectByteBufferBuf
  
      @Test
      public void testWrapMemoryMapped() throws Exception {
@@ -53,11 +49,9 @@ index d51ce11..6e40f08 100644
          FileChannel output = null;
          FileChannel input = null;
          ByteBuf b1 = null;
-diff --git a/codec-http/src/main/java/io/netty/handler/codec/http/multipart/AbstractDiskHttpData.java b/codec-http/src/main/java/io/netty/handler/codec/http/multipart/AbstractDiskHttpData.java
-index 544bc7c..c28dbae 100644
 --- a/codec-http/src/main/java/io/netty/handler/codec/http/multipart/AbstractDiskHttpData.java
 +++ b/codec-http/src/main/java/io/netty/handler/codec/http/multipart/AbstractDiskHttpData.java
-@@ -20,6 +20,7 @@ import io.netty.handler.codec.http.HttpConstants;
+@@ -20,6 +20,7 @@ import io.netty.handler.codec.http.HttpC
  import io.netty.util.internal.EmptyArrays;
  import io.netty.util.internal.logging.InternalLogger;
  import io.netty.util.internal.logging.InternalLoggerFactory;
@@ -65,7 +59,7 @@ index 544bc7c..c28dbae 100644
  
  import java.io.File;
  import java.io.FileInputStream;
-@@ -87,9 +88,9 @@ public abstract class AbstractDiskHttpData extends AbstractHttpData {
+@@ -87,9 +88,9 @@ public abstract class AbstractDiskHttpDa
          File tmpFile;
          if (getBaseDirectory() == null) {
              // create a temporary file
@@ -77,11 +71,9 @@ index 544bc7c..c28dbae 100644
                      getBaseDirectory()));
          }
          if (deleteOnExit()) {
-diff --git a/codec-http/src/test/java/io/netty/handler/codec/http/HttpChunkedInputTest.java b/codec-http/src/test/java/io/netty/handler/codec/http/HttpChunkedInputTest.java
-index 002c8d0..8e75eb9 100644
 --- a/codec-http/src/test/java/io/netty/handler/codec/http/HttpChunkedInputTest.java
 +++ b/codec-http/src/test/java/io/netty/handler/codec/http/HttpChunkedInputTest.java
-@@ -25,6 +25,7 @@ import io.netty.handler.stream.ChunkedNioFile;
+@@ -25,6 +25,7 @@ import io.netty.handler.stream.ChunkedNi
  import io.netty.handler.stream.ChunkedNioStream;
  import io.netty.handler.stream.ChunkedStream;
  import io.netty.handler.stream.ChunkedWriteHandler;
@@ -98,8 +90,6 @@ index 002c8d0..8e75eb9 100644
              TMP.deleteOnExit();
              out = new FileOutputStream(TMP);
              out.write(BYTES);
-diff --git a/common/src/main/java/io/netty/util/internal/NativeLibraryLoader.java b/common/src/main/java/io/netty/util/internal/NativeLibraryLoader.java
-index 31b4a46..a47a7f5 100644
 --- a/common/src/main/java/io/netty/util/internal/NativeLibraryLoader.java
 +++ b/common/src/main/java/io/netty/util/internal/NativeLibraryLoader.java
 @@ -180,7 +180,7 @@ public final class NativeLibraryLoader {
@@ -111,8 +101,6 @@ index 31b4a46..a47a7f5 100644
              in = url.openStream();
              out = new FileOutputStream(tmpFile);
  
-diff --git a/common/src/main/java/io/netty/util/internal/PlatformDependent.java b/common/src/main/java/io/netty/util/internal/PlatformDependent.java
-index 1baeecb..fd2af44 100644
 --- a/common/src/main/java/io/netty/util/internal/PlatformDependent.java
 +++ b/common/src/main/java/io/netty/util/internal/PlatformDependent.java
 @@ -33,6 +33,7 @@ import java.lang.reflect.Field;
@@ -123,7 +111,7 @@ index 1baeecb..fd2af44 100644
  import java.security.AccessController;
  import java.security.PrivilegedAction;
  import java.util.Deque;
-@@ -56,6 +57,7 @@ import static io.netty.util.internal.PlatformDependent0.hashCodeAsciiSanitize;
+@@ -56,6 +57,7 @@ import static io.netty.util.internal.Pla
  import static io.netty.util.internal.PlatformDependent0.unalignedAccess;
  import static java.lang.Math.max;
  import static java.lang.Math.min;
@@ -156,8 +144,6 @@ index 1baeecb..fd2af44 100644
      /**
       * Package private for testing purposes only!
       */
-diff --git a/handler/src/main/java/io/netty/handler/ssl/util/SelfSignedCertificate.java b/handler/src/main/java/io/netty/handler/ssl/util/SelfSignedCertificate.java
-index 9f010ce..34212bd 100644
 --- a/handler/src/main/java/io/netty/handler/ssl/util/SelfSignedCertificate.java
 +++ b/handler/src/main/java/io/netty/handler/ssl/util/SelfSignedCertificate.java
 @@ -20,6 +20,7 @@ import io.netty.buffer.ByteBuf;
@@ -176,7 +162,7 @@ index 9f010ce..34212bd 100644
  import java.security.KeyPair;
  import java.security.KeyPairGenerator;
  import java.security.NoSuchAlgorithmException;
-@@ -238,7 +240,7 @@ public final class SelfSignedCertificate {
+@@ -238,7 +240,7 @@ public final class SelfSignedCertificate
              wrappedBuf.release();
          }
  
@@ -185,7 +171,7 @@ index 9f010ce..34212bd 100644
          keyFile.deleteOnExit();
  
          OutputStream keyOut = new FileOutputStream(keyFile);
-@@ -269,7 +271,7 @@ public final class SelfSignedCertificate {
+@@ -269,7 +271,7 @@ public final class SelfSignedCertificate
              wrappedBuf.release();
          }
  
@@ -194,11 +180,9 @@ index 9f010ce..34212bd 100644
          certFile.deleteOnExit();
  
          OutputStream certOut = new FileOutputStream(certFile);
-diff --git a/handler/src/test/java/io/netty/handler/stream/ChunkedWriteHandlerTest.java b/handler/src/test/java/io/netty/handler/stream/ChunkedWriteHandlerTest.java
-index 5b03048..6caf0af 100644
 --- a/handler/src/test/java/io/netty/handler/stream/ChunkedWriteHandlerTest.java
 +++ b/handler/src/test/java/io/netty/handler/stream/ChunkedWriteHandlerTest.java
-@@ -26,6 +26,7 @@ import io.netty.channel.ChannelOutboundHandlerAdapter;
+@@ -26,6 +26,7 @@ import io.netty.channel.ChannelOutboundH
  import io.netty.channel.embedded.EmbeddedChannel;
  import io.netty.util.CharsetUtil;
  import io.netty.util.ReferenceCountUtil;
@@ -215,11 +199,9 @@ index 5b03048..6caf0af 100644
              TMP.deleteOnExit();
              out = new FileOutputStream(TMP);
              out.write(BYTES);
-diff --git a/testsuite/src/main/java/io/netty/testsuite/transport/socket/SocketFileRegionTest.java b/testsuite/src/main/java/io/netty/testsuite/transport/socket/SocketFileRegionTest.java
-index 53deb6c..d4f43f7 100644
 --- a/testsuite/src/main/java/io/netty/testsuite/transport/socket/SocketFileRegionTest.java
 +++ b/testsuite/src/main/java/io/netty/testsuite/transport/socket/SocketFileRegionTest.java
-@@ -100,7 +100,7 @@ public class SocketFileRegionTest extends AbstractSocketTest {
+@@ -100,7 +100,7 @@ public class SocketFileRegionTest extend
          cb.option(ChannelOption.AUTO_READ, autoRead);
  
          final int bufferSize = 1024;
@@ -228,11 +210,9 @@ index 53deb6c..d4f43f7 100644
          file.deleteOnExit();
  
          final FileOutputStream out = new FileOutputStream(file);
-diff --git a/transport-native-epoll/src/test/java/io/netty/channel/epoll/EpollSpliceTest.java b/transport-native-epoll/src/test/java/io/netty/channel/epoll/EpollSpliceTest.java
-index c53ff1e..eae1711 100644
 --- a/transport-native-epoll/src/test/java/io/netty/channel/epoll/EpollSpliceTest.java
 +++ b/transport-native-epoll/src/test/java/io/netty/channel/epoll/EpollSpliceTest.java
-@@ -29,6 +29,7 @@ import io.netty.channel.SimpleChannelInboundHandler;
+@@ -29,6 +29,7 @@ import io.netty.channel.SimpleChannelInb
  import io.netty.channel.unix.FileDescriptor;
  import io.netty.testsuite.util.TestUtils;
  import io.netty.util.NetUtil;
@@ -249,8 +229,6 @@ index c53ff1e..eae1711 100644
          file.deleteOnExit();
  
          SpliceHandler sh = new SpliceHandler(file);
-diff --git a/transport-native-unix-common-tests/src/main/java/io/netty/channel/unix/tests/UnixTestUtils.java b/transport-native-unix-common-tests/src/main/java/io/netty/channel/unix/tests/UnixTestUtils.java
-index e4ebcb4..6124ec1 100644
 --- a/transport-native-unix-common-tests/src/main/java/io/netty/channel/unix/tests/UnixTestUtils.java
 +++ b/transport-native-unix-common-tests/src/main/java/io/netty/channel/unix/tests/UnixTestUtils.java
 @@ -17,6 +17,7 @@ package io.netty.channel.unix.tests;


=====================================
debian/patches/CVE-2021-21295.patch
=====================================
@@ -11,8 +11,6 @@ Origin: https://github.com/netty/netty/commit/89c241e3b1795ff257af4ad6eadc616cb2
  .../http2/DefaultHttp2ConnectionDecoderTest.java   | 128 +++++++++++++++++++++
  4 files changed, 329 insertions(+), 30 deletions(-)
 
-diff --git a/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java b/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java
-index f81880c..6a19f1e 100644
 --- a/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java
 +++ b/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java
 @@ -100,11 +100,13 @@ import java.util.List;
@@ -29,18 +27,17 @@ index f81880c..6a19f1e 100644
      private final HeaderParser headerParser;
      private final LineParser lineParser;
  
-@@ -165,9 +167,17 @@ public abstract class HttpObjectDecoder extends ByteToMessageDecoder {
-         this(maxInitialLineLength, maxHeaderSize, maxChunkSize, chunkedSupported, validateHeaders, 128);
+@@ -166,8 +168,16 @@ public abstract class HttpObjectDecoder
      }
  
-+    protected HttpObjectDecoder(
+     protected HttpObjectDecoder(
 +             int maxInitialLineLength, int maxHeaderSize, int maxChunkSize,
 +             boolean chunkedSupported, boolean validateHeaders, int initialBufferSize) {
 +        this(maxInitialLineLength, maxHeaderSize, maxChunkSize, chunkedSupported, validateHeaders, initialBufferSize,
 +             DEFAULT_ALLOW_DUPLICATE_CONTENT_LENGTHS);
 +    }
 +
-     protected HttpObjectDecoder(
++    protected HttpObjectDecoder(
              int maxInitialLineLength, int maxHeaderSize, int maxChunkSize,
 -            boolean chunkedSupported, boolean validateHeaders, int initialBufferSize) {
 +            boolean chunkedSupported, boolean validateHeaders, int initialBufferSize,
@@ -48,7 +45,7 @@ index f81880c..6a19f1e 100644
          if (maxInitialLineLength <= 0) {
              throw new IllegalArgumentException(
                      "maxInitialLineLength must be a positive integer: " +
-@@ -189,6 +199,7 @@ public abstract class HttpObjectDecoder extends ByteToMessageDecoder {
+@@ -189,6 +199,7 @@ public abstract class HttpObjectDecoder
          this.maxChunkSize = maxChunkSize;
          this.chunkedSupported = chunkedSupported;
          this.validateHeaders = validateHeaders;
@@ -56,7 +53,7 @@ index f81880c..6a19f1e 100644
      }
  
      @Override
-@@ -614,34 +625,27 @@ public abstract class HttpObjectDecoder extends ByteToMessageDecoder {
+@@ -614,34 +625,27 @@ public abstract class HttpObjectDecoder
          name = null;
          value = null;
  
@@ -104,8 +101,6 @@ index f81880c..6a19f1e 100644
                  handleTransferEncodingChunkedWithContentLength(message);
              }
              return State.READ_CHUNK_SIZE;
-diff --git a/codec-http/src/main/java/io/netty/handler/codec/http/HttpUtil.java b/codec-http/src/main/java/io/netty/handler/codec/http/HttpUtil.java
-index 94af790..826976e 100644
 --- a/codec-http/src/main/java/io/netty/handler/codec/http/HttpUtil.java
 +++ b/codec-http/src/main/java/io/netty/handler/codec/http/HttpUtil.java
 @@ -23,9 +23,12 @@ import java.util.ArrayList;
@@ -215,8 +210,6 @@ index 94af790..826976e 100644
 +        }
 +    }
  }
-diff --git a/codec-http2/src/main/java/io/netty/handler/codec/http2/DefaultHttp2ConnectionDecoder.java b/codec-http2/src/main/java/io/netty/handler/codec/http2/DefaultHttp2ConnectionDecoder.java
-index 2d78fc9..ada4feb 100644
 --- a/codec-http2/src/main/java/io/netty/handler/codec/http2/DefaultHttp2ConnectionDecoder.java
 +++ b/codec-http2/src/main/java/io/netty/handler/codec/http2/DefaultHttp2ConnectionDecoder.java
 @@ -16,8 +16,11 @@ package io.netty.handler.codec.http2;
@@ -240,7 +233,7 @@ index 2d78fc9..ada4feb 100644
      private static final InternalLogger logger = InternalLoggerFactory.getInstance(DefaultHttp2ConnectionDecoder.class);
      private Http2FrameListener internalFrameListener = new PrefaceFrameListener();
      private final Http2Connection connection;
-@@ -57,6 +62,7 @@ public class DefaultHttp2ConnectionDecoder implements Http2ConnectionDecoder {
+@@ -57,6 +62,7 @@ public class DefaultHttp2ConnectionDecod
      private final Http2FrameReader frameReader;
      private Http2FrameListener listener;
      private final Http2PromisedRequestVerifier requestVerifier;
@@ -248,7 +241,7 @@ index 2d78fc9..ada4feb 100644
  
      public DefaultHttp2ConnectionDecoder(Http2Connection connection,
                                           Http2ConnectionEncoder encoder,
-@@ -69,6 +75,7 @@ public class DefaultHttp2ConnectionDecoder implements Http2ConnectionDecoder {
+@@ -69,6 +75,7 @@ public class DefaultHttp2ConnectionDecod
                                           Http2FrameReader frameReader,
                                           Http2PromisedRequestVerifier requestVerifier) {
          this.connection = checkNotNull(connection, "connection");
@@ -256,7 +249,7 @@ index 2d78fc9..ada4feb 100644
          this.frameReader = checkNotNull(frameReader, "frameReader");
          this.encoder = checkNotNull(encoder, "encoder");
          this.requestVerifier = checkNotNull(requestVerifier, "requestVerifier");
-@@ -167,6 +174,23 @@ public class DefaultHttp2ConnectionDecoder implements Http2ConnectionDecoder {
+@@ -167,6 +174,23 @@ public class DefaultHttp2ConnectionDecod
          listener.onUnknownFrame(ctx, frameType, streamId, flags, payload);
      }
  
@@ -280,7 +273,7 @@ index 2d78fc9..ada4feb 100644
      /**
       * Handles all inbound frames from the network.
       */
-@@ -176,7 +200,8 @@ public class DefaultHttp2ConnectionDecoder implements Http2ConnectionDecoder {
+@@ -176,7 +200,8 @@ public class DefaultHttp2ConnectionDecod
                                boolean endOfStream) throws Http2Exception {
              Http2Stream stream = connection.stream(streamId);
              Http2LocalFlowController flowController = flowController();
@@ -290,7 +283,7 @@ index 2d78fc9..ada4feb 100644
  
              final boolean shouldIgnore;
              try {
-@@ -203,7 +228,6 @@ public class DefaultHttp2ConnectionDecoder implements Http2ConnectionDecoder {
+@@ -203,7 +228,6 @@ public class DefaultHttp2ConnectionDecod
                  // All bytes have been consumed.
                  return bytesToReturn;
              }
@@ -298,7 +291,7 @@ index 2d78fc9..ada4feb 100644
              Http2Exception error = null;
              switch (stream.state()) {
                  case OPEN:
-@@ -231,6 +255,8 @@ public class DefaultHttp2ConnectionDecoder implements Http2ConnectionDecoder {
+@@ -231,6 +255,8 @@ public class DefaultHttp2ConnectionDecod
                      throw error;
                  }
  
@@ -307,7 +300,7 @@ index 2d78fc9..ada4feb 100644
                  // Call back the application and retrieve the number of bytes that have been
                  // immediately processed.
                  bytesToReturn = listener.onDataRead(ctx, streamId, data, padding, endOfStream);
-@@ -311,14 +337,34 @@ public class DefaultHttp2ConnectionDecoder implements Http2ConnectionDecoder {
+@@ -311,14 +337,34 @@ public class DefaultHttp2ConnectionDecod
                              stream.state());
              }
  
@@ -349,7 +342,7 @@ index 2d78fc9..ada4feb 100644
              }
          }
  
-@@ -675,4 +721,40 @@ public class DefaultHttp2ConnectionDecoder implements Http2ConnectionDecoder {
+@@ -675,4 +721,40 @@ public class DefaultHttp2ConnectionDecod
              onUnknownFrame0(ctx, frameType, streamId, flags, payload);
          }
      }
@@ -390,8 +383,6 @@ index 2d78fc9..ada4feb 100644
 +        }
 +    }
  }
-diff --git a/codec-http2/src/test/java/io/netty/handler/codec/http2/DefaultHttp2ConnectionDecoderTest.java b/codec-http2/src/test/java/io/netty/handler/codec/http2/DefaultHttp2ConnectionDecoderTest.java
-index 7e87d52..d7d3cbf 100644
 --- a/codec-http2/src/test/java/io/netty/handler/codec/http2/DefaultHttp2ConnectionDecoderTest.java
 +++ b/codec-http2/src/test/java/io/netty/handler/codec/http2/DefaultHttp2ConnectionDecoderTest.java
 @@ -21,17 +21,21 @@ import io.netty.channel.ChannelFuture;
@@ -416,7 +407,7 @@ index 7e87d52..d7d3cbf 100644
  import java.util.concurrent.atomic.AtomicInteger;
  
  import static io.netty.buffer.Unpooled.EMPTY_BUFFER;
-@@ -129,6 +133,21 @@ public class DefaultHttp2ConnectionDecoderTest {
+@@ -129,6 +133,21 @@ public class DefaultHttp2ConnectionDecod
          when(stream.id()).thenReturn(STREAM_ID);
          when(stream.state()).thenReturn(OPEN);
          when(stream.open(anyBoolean())).thenReturn(stream);
@@ -438,7 +429,7 @@ index 7e87d52..d7d3cbf 100644
          when(pushStream.id()).thenReturn(PUSH_STREAM_ID);
          doAnswer(new Answer<Boolean>() {
              @Override
-@@ -743,6 +762,115 @@ public class DefaultHttp2ConnectionDecoderTest {
+@@ -743,6 +762,115 @@ public class DefaultHttp2ConnectionDecod
          verify(listener).onGoAwayRead(eq(ctx), eq(1), eq(2L), eq(EMPTY_BUFFER));
      }
  


=====================================
debian/patches/CVE-2021-21409.patch
=====================================
@@ -8,11 +8,9 @@ Origin: https://github.com/netty/netty/commit/b0fa4d5aab4215f3c22ce6123dd8dd5f38
  .../io/netty/handler/codec/http2/DefaultHttp2ConnectionDecoder.java  | 5 ++++-
  1 file changed, 4 insertions(+), 1 deletion(-)
 
-diff --git a/codec-http2/src/main/java/io/netty/handler/codec/http2/DefaultHttp2ConnectionDecoder.java b/codec-http2/src/main/java/io/netty/handler/codec/http2/DefaultHttp2ConnectionDecoder.java
-index ada4feb..92fd1bd 100644
 --- a/codec-http2/src/main/java/io/netty/handler/codec/http2/DefaultHttp2ConnectionDecoder.java
 +++ b/codec-http2/src/main/java/io/netty/handler/codec/http2/DefaultHttp2ConnectionDecoder.java
-@@ -296,10 +296,13 @@ public class DefaultHttp2ConnectionDecoder implements Http2ConnectionDecoder {
+@@ -296,10 +296,13 @@ public class DefaultHttp2ConnectionDecod
                  short weight, boolean exclusive, int padding, boolean endOfStream) throws Http2Exception {
              Http2Stream stream = connection.stream(streamId);
              boolean allowHalfClosedRemote = false;
@@ -26,7 +24,7 @@ index ada4feb..92fd1bd 100644
              }
  
              if (shouldIgnoreHeadersOrDataFrame(ctx, streamId, stream, "HEADERS")) {
-@@ -337,7 +340,7 @@ public class DefaultHttp2ConnectionDecoder implements Http2ConnectionDecoder {
+@@ -337,7 +340,7 @@ public class DefaultHttp2ConnectionDecod
                              stream.state());
              }
  


=====================================
debian/patches/CVE-2021-37136.patch
=====================================
@@ -0,0 +1,80 @@
+From: Markus Koschany <apo at debian.org>
+Date: Sun, 1 Jan 2023 17:07:49 +0100
+Subject: CVE-2021-37136
+
+Bug-Debian: https://bugs.debian.org/1014769
+Origin: https://github.com/netty/netty/commit/41d3d61a61608f2223bb364955ab2045dd5e4020
+---
+ .../handler/codec/compression/Bzip2BlockDecompressor.java |  5 +++++
+ .../netty/handler/codec/compression/Bzip2Constants.java   |  2 ++
+ .../io/netty/handler/codec/compression/Bzip2Decoder.java  | 15 ++++++++-------
+ 3 files changed, 15 insertions(+), 7 deletions(-)
+
+diff --git a/codec/src/main/java/io/netty/handler/codec/compression/Bzip2BlockDecompressor.java b/codec/src/main/java/io/netty/handler/codec/compression/Bzip2BlockDecompressor.java
+index ae05568..5a0b497 100644
+--- a/codec/src/main/java/io/netty/handler/codec/compression/Bzip2BlockDecompressor.java
++++ b/codec/src/main/java/io/netty/handler/codec/compression/Bzip2BlockDecompressor.java
+@@ -228,6 +228,11 @@ final class Bzip2BlockDecompressor {
+                 bwtBlock[bwtBlockLength++] = nextByte;
+             }
+         }
++        if (bwtBlockLength > MAX_BLOCK_LENGTH) {
++            throw new DecompressionException("block length exceeds max block length: "
++                    + bwtBlockLength + " > " + MAX_BLOCK_LENGTH);
++        }
++
+         this.bwtBlockLength = bwtBlockLength;
+         initialiseInverseBWT();
+         return true;
+diff --git a/codec/src/main/java/io/netty/handler/codec/compression/Bzip2Constants.java b/codec/src/main/java/io/netty/handler/codec/compression/Bzip2Constants.java
+index c0283a7..21b9a2b 100644
+--- a/codec/src/main/java/io/netty/handler/codec/compression/Bzip2Constants.java
++++ b/codec/src/main/java/io/netty/handler/codec/compression/Bzip2Constants.java
+@@ -49,6 +49,8 @@ final class Bzip2Constants {
+     static final int MIN_BLOCK_SIZE = 1;
+     static final int MAX_BLOCK_SIZE = 9;
+ 
++    static final int MAX_BLOCK_LENGTH = MAX_BLOCK_SIZE * BASE_BLOCK_SIZE;
++
+     /**
+      * Maximum possible Huffman alphabet size.
+      */
+diff --git a/codec/src/main/java/io/netty/handler/codec/compression/Bzip2Decoder.java b/codec/src/main/java/io/netty/handler/codec/compression/Bzip2Decoder.java
+index b66ff59..3fc1001 100644
+--- a/codec/src/main/java/io/netty/handler/codec/compression/Bzip2Decoder.java
++++ b/codec/src/main/java/io/netty/handler/codec/compression/Bzip2Decoder.java
+@@ -291,26 +291,27 @@ public class Bzip2Decoder extends ByteToMessageDecoder {
+                 }
+ 
+                 final int blockLength = blockDecompressor.blockLength();
+-                final ByteBuf uncompressed = ctx.alloc().buffer(blockLength);
+-                boolean success = false;
++                ByteBuf uncompressed = ctx.alloc().buffer(blockLength);
+                 try {
+                     int uncByte;
+                     while ((uncByte = blockDecompressor.read()) >= 0) {
+                         uncompressed.writeByte(uncByte);
+                     }
+-
++                    // We did read all the data, lets reset the state and do the CRC check.
++                    currentState = State.INIT_BLOCK;
+                     int currentBlockCRC = blockDecompressor.checkCRC();
+                     streamCRC = (streamCRC << 1 | streamCRC >>> 31) ^ currentBlockCRC;
+ 
+                     out.add(uncompressed);
+-                    success = true;
++                    uncompressed = null;
+                 } finally {
+-                    if (!success) {
++                    if (uncompressed != null) {
+                         uncompressed.release();
+                     }
+                 }
+-                currentState = State.INIT_BLOCK;
+-                break;
++                // Return here so the ByteBuf that was put in the List will be forwarded to the user and so can be
++                // released as soon as possible.
++                return;
+             case EOF:
+                 in.skipBytes(in.readableBytes());
+                 return;


=====================================
debian/patches/CVE-2021-37137.patch
=====================================
@@ -0,0 +1,183 @@
+From: Markus Koschany <apo at debian.org>
+Date: Sun, 1 Jan 2023 18:28:34 +0100
+Subject: CVE-2021-37137
+
+Bug-Debian: https://bugs.debian.org/1014769
+Origin: https://github.com/netty/netty/commit/6da4956b31023ae967451e1d94ff51a746a9194f
+---
+ .../io/netty/handler/codec/compression/Snappy.java | 30 ++++++++++----
+ .../codec/compression/SnappyFrameDecoder.java      | 46 ++++++++++++++++++----
+ 2 files changed, 62 insertions(+), 14 deletions(-)
+
+diff --git a/codec/src/main/java/io/netty/handler/codec/compression/Snappy.java b/codec/src/main/java/io/netty/handler/codec/compression/Snappy.java
+index 9264244..fcdc22a 100644
+--- a/codec/src/main/java/io/netty/handler/codec/compression/Snappy.java
++++ b/codec/src/main/java/io/netty/handler/codec/compression/Snappy.java
+@@ -38,12 +38,11 @@ public final class Snappy {
+     private static final int COPY_2_BYTE_OFFSET = 2;
+     private static final int COPY_4_BYTE_OFFSET = 3;
+ 
+-    private State state = State.READY;
++    private State state = State.READING_PREAMBLE;
+     private byte tag;
+     private int written;
+ 
+     private enum State {
+-        READY,
+         READING_PREAMBLE,
+         READING_TAG,
+         READING_LITERAL,
+@@ -51,7 +50,7 @@ public final class Snappy {
+     }
+ 
+     public void reset() {
+-        state = State.READY;
++        state = State.READING_PREAMBLE;
+         tag = 0;
+         written = 0;
+     }
+@@ -270,9 +269,6 @@ public final class Snappy {
+     public void decode(ByteBuf in, ByteBuf out) {
+         while (in.isReadable()) {
+             switch (state) {
+-            case READY:
+-                state = State.READING_PREAMBLE;
+-                // fall through
+             case READING_PREAMBLE:
+                 int uncompressedLength = readPreamble(in);
+                 if (uncompressedLength == PREAMBLE_NOT_FULL) {
+@@ -281,7 +277,6 @@ public final class Snappy {
+                 }
+                 if (uncompressedLength == 0) {
+                     // Should never happen, but it does mean we have nothing further to do
+-                    state = State.READY;
+                     return;
+                 }
+                 out.ensureWritable(uncompressedLength);
+@@ -378,6 +373,27 @@ public final class Snappy {
+         return 0;
+     }
+ 
++    /**
++     * Get the length varint (a series of bytes, where the lower 7 bits
++     * are data and the upper bit is a flag to indicate more bytes to be
++     * read).
++     *
++     * @param in The input buffer to get the preamble from
++     * @return The calculated length based on the input buffer, or 0 if
++     *   no preamble is able to be calculated
++     */
++    int getPreamble(ByteBuf in) {
++        if (state == State.READING_PREAMBLE) {
++            int readerIndex = in.readerIndex();
++            try {
++                return readPreamble(in);
++            } finally {
++                in.readerIndex(readerIndex);
++            }
++        }
++        return 0;
++    }
++
+     /**
+      * Reads a literal from the input buffer directly to the output buffer.
+      * A "literal" is an uncompressed segment of data stored directly in the
+diff --git a/codec/src/main/java/io/netty/handler/codec/compression/SnappyFrameDecoder.java b/codec/src/main/java/io/netty/handler/codec/compression/SnappyFrameDecoder.java
+index 4762e72..59fdc68 100644
+--- a/codec/src/main/java/io/netty/handler/codec/compression/SnappyFrameDecoder.java
++++ b/codec/src/main/java/io/netty/handler/codec/compression/SnappyFrameDecoder.java
+@@ -45,13 +45,19 @@ public class SnappyFrameDecoder extends ByteToMessageDecoder {
+     }
+ 
+     private static final int SNAPPY_IDENTIFIER_LEN = 6;
++    // See https://github.com/google/snappy/blob/1.1.9/framing_format.txt#L95
+     private static final int MAX_UNCOMPRESSED_DATA_SIZE = 65536 + 4;
++    // See https://github.com/google/snappy/blob/1.1.9/framing_format.txt#L82
++    private static final int MAX_DECOMPRESSED_DATA_SIZE = 65536;
++    // See https://github.com/google/snappy/blob/1.1.9/framing_format.txt#L82
++    private static final int MAX_COMPRESSED_CHUNK_SIZE = 16777216 - 1;
+ 
+     private final Snappy snappy = new Snappy();
+     private final boolean validateChecksums;
+ 
+     private boolean started;
+     private boolean corrupted;
++    private int numBytesToSkip;
+ 
+     /**
+      * Creates a new snappy-framed decoder with validation of checksums
+@@ -82,6 +88,16 @@ public class SnappyFrameDecoder extends ByteToMessageDecoder {
+             return;
+         }
+ 
++        if (numBytesToSkip != 0) {
++            // The last chunkType we detected was RESERVED_SKIPPABLE and we still have some bytes to skip.
++            int skipBytes = Math.min(numBytesToSkip, in.readableBytes());
++            in.skipBytes(skipBytes);
++            numBytesToSkip -= skipBytes;
++
++            // Let's return and try again.
++            return;
++        }
++
+         try {
+             int idx = in.readerIndex();
+             final int inSize = in.readableBytes();
+@@ -123,12 +139,15 @@ public class SnappyFrameDecoder extends ByteToMessageDecoder {
+                         throw new DecompressionException("Received RESERVED_SKIPPABLE tag before STREAM_IDENTIFIER");
+                     }
+ 
+-                    if (inSize < 4 + chunkLength) {
+-                        // TODO: Don't keep skippable bytes
+-                        return;
+-                    }
++                    in.skipBytes(4);
+ 
+-                    in.skipBytes(4 + chunkLength);
++                    int skipBytes = Math.min(chunkLength, in.readableBytes());
++                    in.skipBytes(skipBytes);
++                    if (skipBytes != chunkLength) {
++                        // We could skip all bytes, let's store the remaining so we can do so once we receive more
++                        // data.
++                        numBytesToSkip = chunkLength - skipBytes;
++                    }
+                     break;
+                 case RESERVED_UNSKIPPABLE:
+                     // The spec mandates that reserved unskippable chunks must immediately
+@@ -141,7 +160,8 @@ public class SnappyFrameDecoder extends ByteToMessageDecoder {
+                         throw new DecompressionException("Received UNCOMPRESSED_DATA tag before STREAM_IDENTIFIER");
+                     }
+                     if (chunkLength > MAX_UNCOMPRESSED_DATA_SIZE) {
+-                        throw new DecompressionException("Received UNCOMPRESSED_DATA larger than 65540 bytes");
++                        throw new DecompressionException("Received UNCOMPRESSED_DATA larger than " +
++                                MAX_UNCOMPRESSED_DATA_SIZE + " bytes");
+                     }
+ 
+                     if (inSize < 4 + chunkLength) {
+@@ -162,13 +182,25 @@ public class SnappyFrameDecoder extends ByteToMessageDecoder {
+                         throw new DecompressionException("Received COMPRESSED_DATA tag before STREAM_IDENTIFIER");
+                     }
+ 
++                    if (chunkLength > MAX_COMPRESSED_CHUNK_SIZE) {
++                        throw new DecompressionException("Received COMPRESSED_DATA that contains" +
++                                " chunk that exceeds " + MAX_COMPRESSED_CHUNK_SIZE + " bytes");
++                    }
++
+                     if (inSize < 4 + chunkLength) {
+                         return;
+                     }
+ 
+                     in.skipBytes(4);
+                     int checksum = in.readIntLE();
+-                    ByteBuf uncompressed = ctx.alloc().buffer();
++
++                    int uncompressedSize = snappy.getPreamble(in);
++                    if (uncompressedSize > MAX_DECOMPRESSED_DATA_SIZE) {
++                        throw new DecompressionException("Received COMPRESSED_DATA that contains" +
++                                " uncompressed data that exceeds " + MAX_DECOMPRESSED_DATA_SIZE + " bytes");
++                    }
++
++                    ByteBuf uncompressed = ctx.alloc().buffer(uncompressedSize, MAX_DECOMPRESSED_DATA_SIZE);
+                     try {
+                         if (validateChecksums) {
+                             int oldWriterIndex = in.writerIndex();


=====================================
debian/patches/CVE-2021-43797.patch
=====================================
@@ -0,0 +1,260 @@
+From: Markus Koschany <apo at debian.org>
+Date: Mon, 2 Jan 2023 10:59:58 +0100
+Subject: CVE-2021-43797
+
+Bug-Debian: https://bugs.debian.org/1001437
+Origin: https://github.com/netty/netty/commit/07aa6b5938a8b6ed7a6586e066400e2643897323
+---
+ .../handler/codec/http/DefaultHttpHeaders.java     |  8 ++
+ .../handler/codec/http/HttpRequestDecoderTest.java | 87 ++++++++++++++++++++--
+ .../codec/http/HttpResponseDecoderTest.java        | 78 +++++++++++++++++++
+ 3 files changed, 167 insertions(+), 6 deletions(-)
+
+diff --git a/codec-http/src/main/java/io/netty/handler/codec/http/DefaultHttpHeaders.java b/codec-http/src/main/java/io/netty/handler/codec/http/DefaultHttpHeaders.java
+index 88af27f..ea58595 100644
+--- a/codec-http/src/main/java/io/netty/handler/codec/http/DefaultHttpHeaders.java
++++ b/codec-http/src/main/java/io/netty/handler/codec/http/DefaultHttpHeaders.java
+@@ -355,6 +355,10 @@ public class DefaultHttpHeaders extends HttpHeaders {
+ 
+     private static void validateHeaderNameElement(byte value) {
+         switch (value) {
++        case 0x1c:
++        case 0x1d:
++        case 0x1e:
++        case 0x1f:
+         case 0x00:
+         case '\t':
+         case '\n':
+@@ -380,6 +384,10 @@ public class DefaultHttpHeaders extends HttpHeaders {
+ 
+     private static void validateHeaderNameElement(char value) {
+         switch (value) {
++        case 0x1c:
++        case 0x1d:
++        case 0x1e:
++        case 0x1f:
+         case 0x00:
+         case '\t':
+         case '\n':
+diff --git a/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java b/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java
+index 9a8912f..72098ef 100644
+--- a/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java
++++ b/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java
+@@ -15,6 +15,7 @@
+  */
+ package io.netty.handler.codec.http;
+ 
++import io.netty.buffer.ByteBuf;
+ import io.netty.buffer.Unpooled;
+ import io.netty.channel.embedded.EmbeddedChannel;
+ import io.netty.handler.codec.TooLongFrameException;
+@@ -321,6 +322,75 @@ public class HttpRequestDecoderTest {
+         assertFalse(channel.finish());
+     }
+ 
++    @Test
++    public void testHeaderNameStartsWithControlChar1c() {
++        testHeaderNameStartsWithControlChar(0x1c);
++    }
++
++    @Test
++    public void testHeaderNameStartsWithControlChar1d() {
++        testHeaderNameStartsWithControlChar(0x1d);
++    }
++
++    @Test
++    public void testHeaderNameStartsWithControlChar1e() {
++        testHeaderNameStartsWithControlChar(0x1e);
++    }
++
++    @Test
++    public void testHeaderNameStartsWithControlChar1f() {
++        testHeaderNameStartsWithControlChar(0x1f);
++    }
++
++    @Test
++    public void testHeaderNameStartsWithControlChar0c() {
++        testHeaderNameStartsWithControlChar(0x0c);
++    }
++
++    private void testHeaderNameStartsWithControlChar(int controlChar) {
++        ByteBuf requestBuffer = Unpooled.buffer();
++        requestBuffer.writeCharSequence("GET /some/path HTTP/1.1\r\n" +
++                "Host: netty.io\r\n", CharsetUtil.US_ASCII);
++        requestBuffer.writeByte(controlChar);
++        requestBuffer.writeCharSequence("Transfer-Encoding: chunked\r\n\r\n", CharsetUtil.US_ASCII);
++        testInvalidHeaders0(requestBuffer);
++    }
++
++    @Test
++    public void testHeaderNameEndsWithControlChar1c() {
++        testHeaderNameEndsWithControlChar(0x1c);
++    }
++
++    @Test
++    public void testHeaderNameEndsWithControlChar1d() {
++        testHeaderNameEndsWithControlChar(0x1d);
++    }
++
++    @Test
++    public void testHeaderNameEndsWithControlChar1e() {
++        testHeaderNameEndsWithControlChar(0x1e);
++    }
++
++    @Test
++    public void testHeaderNameEndsWithControlChar1f() {
++        testHeaderNameEndsWithControlChar(0x1f);
++    }
++
++    @Test
++    public void testHeaderNameEndsWithControlChar0c() {
++        testHeaderNameEndsWithControlChar(0x0c);
++    }
++
++    private void testHeaderNameEndsWithControlChar(int controlChar) {
++        ByteBuf requestBuffer = Unpooled.buffer();
++        requestBuffer.writeCharSequence("GET /some/path HTTP/1.1\r\n" +
++                "Host: netty.io\r\n", CharsetUtil.US_ASCII);
++        requestBuffer.writeCharSequence("Transfer-Encoding", CharsetUtil.US_ASCII);
++        requestBuffer.writeByte(controlChar);
++        requestBuffer.writeCharSequence(": chunked\r\n\r\n", CharsetUtil.US_ASCII);
++        testInvalidHeaders0(requestBuffer);
++    }
++
+     @Test
+     public void testWhitespace() {
+         String requestStr = "GET /some/path HTTP/1.1\r\n" +
+@@ -330,9 +400,9 @@ public class HttpRequestDecoderTest {
+     }
+ 
+     @Test
+-    public void testWhitespaceBeforeTransferEncoding01() {
++    public void testWhitespaceInTransferEncoding01() {
+         String requestStr = "GET /some/path HTTP/1.1\r\n" +
+-                " Transfer-Encoding : chunked\r\n" +
++                "Transfer-Encoding : chunked\r\n" +
+                 "Content-Length: 1\r\n" +
+                 "Host: netty.io\r\n\r\n" +
+                 "a";
+@@ -340,9 +410,9 @@ public class HttpRequestDecoderTest {
+     }
+ 
+     @Test
+-    public void testWhitespaceBeforeTransferEncoding02() {
++    public void testWhitespaceInTransferEncoding02() {
+         String requestStr = "POST / HTTP/1.1" +
+-                " Transfer-Encoding : chunked\r\n" +
++                "Transfer-Encoding : chunked\r\n" +
+                 "Host: target.com" +
+                 "Content-Length: 65\r\n\r\n" +
+                 "0\r\n\r\n" +
+@@ -416,15 +486,20 @@ public class HttpRequestDecoderTest {
+         assertTrue(request.headers().contains("Transfer-Encoding", "chunked", false));
+         assertFalse(request.headers().contains("Content-Length"));
+         LastHttpContent c = channel.readInbound();
++        c.release();
+         assertFalse(channel.finish());
+     }
+ 
+     private static void testInvalidHeaders0(String requestStr) {
++        testInvalidHeaders0(Unpooled.copiedBuffer(requestStr, CharsetUtil.US_ASCII));
++    }
++
++    private static void testInvalidHeaders0(ByteBuf requestBuffer) {
+         EmbeddedChannel channel = new EmbeddedChannel(new HttpRequestDecoder());
+-        assertTrue(channel.writeInbound(Unpooled.copiedBuffer(requestStr, CharsetUtil.US_ASCII)));
++        assertTrue(channel.writeInbound(requestBuffer));
+         HttpRequest request = channel.readInbound();
++        assertThat(request.decoderResult().cause(), instanceOf(IllegalArgumentException.class));
+         assertTrue(request.decoderResult().isFailure());
+-        assertTrue(request.decoderResult().cause() instanceof IllegalArgumentException);
+         assertFalse(channel.finish());
+     }
+ }
+diff --git a/codec-http/src/test/java/io/netty/handler/codec/http/HttpResponseDecoderTest.java b/codec-http/src/test/java/io/netty/handler/codec/http/HttpResponseDecoderTest.java
+index 1f0b2ba..d9f3ac6 100644
+--- a/codec-http/src/test/java/io/netty/handler/codec/http/HttpResponseDecoderTest.java
++++ b/codec-http/src/test/java/io/netty/handler/codec/http/HttpResponseDecoderTest.java
+@@ -698,4 +698,82 @@ public class HttpResponseDecoderTest {
+         assertEquals("netty.io", response.headers().get(HttpHeaderNames.HOST));
+         assertFalse(channel.finish());
+     }
++
++    @Test
++    public void testHeaderNameStartsWithControlChar1c() {
++        testHeaderNameStartsWithControlChar(0x1c);
++    }
++
++    @Test
++    public void testHeaderNameStartsWithControlChar1d() {
++        testHeaderNameStartsWithControlChar(0x1d);
++    }
++
++    @Test
++    public void testHeaderNameStartsWithControlChar1e() {
++        testHeaderNameStartsWithControlChar(0x1e);
++    }
++
++    @Test
++    public void testHeaderNameStartsWithControlChar1f() {
++        testHeaderNameStartsWithControlChar(0x1f);
++    }
++
++    @Test
++    public void testHeaderNameStartsWithControlChar0c() {
++        testHeaderNameStartsWithControlChar(0x0c);
++    }
++
++    private void testHeaderNameStartsWithControlChar(int controlChar) {
++        ByteBuf responseBuffer = Unpooled.buffer();
++        responseBuffer.writeCharSequence("HTTP/1.1 200 OK\r\n" +
++                "Host: netty.io\r\n", CharsetUtil.US_ASCII);
++        responseBuffer.writeByte(controlChar);
++        responseBuffer.writeCharSequence("Transfer-Encoding: chunked\r\n\r\n", CharsetUtil.US_ASCII);
++        testInvalidHeaders0(responseBuffer);
++    }
++
++    @Test
++    public void testHeaderNameEndsWithControlChar1c() {
++        testHeaderNameEndsWithControlChar(0x1c);
++    }
++
++    @Test
++    public void testHeaderNameEndsWithControlChar1d() {
++        testHeaderNameEndsWithControlChar(0x1d);
++    }
++
++    @Test
++    public void testHeaderNameEndsWithControlChar1e() {
++        testHeaderNameEndsWithControlChar(0x1e);
++    }
++
++    @Test
++    public void testHeaderNameEndsWithControlChar1f() {
++        testHeaderNameEndsWithControlChar(0x1f);
++    }
++
++    @Test
++    public void testHeaderNameEndsWithControlChar0c() {
++        testHeaderNameEndsWithControlChar(0x0c);
++    }
++
++    private void testHeaderNameEndsWithControlChar(int controlChar) {
++        ByteBuf responseBuffer = Unpooled.buffer();
++        responseBuffer.writeCharSequence("HTTP/1.1 200 OK\r\n" +
++                "Host: netty.io\r\n", CharsetUtil.US_ASCII);
++        responseBuffer.writeCharSequence("Transfer-Encoding", CharsetUtil.US_ASCII);
++        responseBuffer.writeByte(controlChar);
++        responseBuffer.writeCharSequence(": chunked\r\n\r\n", CharsetUtil.US_ASCII);
++        testInvalidHeaders0(responseBuffer);
++    }
++
++    private static void testInvalidHeaders0(ByteBuf responseBuffer) {
++        EmbeddedChannel channel = new EmbeddedChannel(new HttpResponseDecoder());
++        assertTrue(channel.writeInbound(responseBuffer));
++        HttpResponse response = channel.readInbound();
++        assertThat(response.decoderResult().cause(), instanceOf(IllegalArgumentException.class));
++        assertTrue(response.decoderResult().isFailure());
++        assertFalse(channel.finish());
++    }
+ }


=====================================
debian/patches/CVE-2022-41881.patch
=====================================
@@ -0,0 +1,150 @@
+From: Markus Koschany <apo at debian.org>
+Date: Mon, 2 Jan 2023 11:09:08 +0100
+Subject: CVE-2022-41881
+
+Bug-Debian: https://bugs.debian.org/1027180
+Origin: https://github.com/netty/netty/commit/cd91cf3c99123bd1e53fd6a1de0e3d1922f05bb2
+---
+ .../handler/codec/haproxy/HAProxyMessage.java      | 16 ++++--
+ .../codec/haproxy/HAProxyMessageDecoderTest.java   | 65 ++++++++++++++++++++++
+ 2 files changed, 76 insertions(+), 5 deletions(-)
+
+diff --git a/codec-haproxy/src/main/java/io/netty/handler/codec/haproxy/HAProxyMessage.java b/codec-haproxy/src/main/java/io/netty/handler/codec/haproxy/HAProxyMessage.java
+index b40bf42..3f30c4a 100644
+--- a/codec-haproxy/src/main/java/io/netty/handler/codec/haproxy/HAProxyMessage.java
++++ b/codec-haproxy/src/main/java/io/netty/handler/codec/haproxy/HAProxyMessage.java
+@@ -30,6 +30,9 @@ import java.util.List;
+  */
+ public final class HAProxyMessage {
+ 
++    // Let's pick some conservative limit here.
++    private static final int MAX_NESTING_LEVEL = 128;
++
+     /**
+      * Version 1 proxy protocol message for 'UNKNOWN' proxied protocols. Per spec, when the proxied protocol is
+      * 'UNKNOWN' we must discard all other header values.
+@@ -238,7 +241,7 @@ public final class HAProxyMessage {
+     }
+ 
+     private static List<HAProxyTLV> readTlvs(final ByteBuf header) {
+-        HAProxyTLV haProxyTLV = readNextTLV(header);
++        HAProxyTLV haProxyTLV = readNextTLV(header, 0);
+         if (haProxyTLV == null) {
+             return Collections.emptyList();
+         }
+@@ -250,12 +253,15 @@ public final class HAProxyMessage {
+             if (haProxyTLV instanceof HAProxySSLTLV) {
+                 haProxyTLVs.addAll(((HAProxySSLTLV) haProxyTLV).encapsulatedTLVs());
+             }
+-        } while ((haProxyTLV = readNextTLV(header)) != null);
++        } while ((haProxyTLV = readNextTLV(header, 0)) != null);
+         return haProxyTLVs;
+     }
+ 
+-    private static HAProxyTLV readNextTLV(final ByteBuf header) {
+-
++    private static HAProxyTLV readNextTLV(final ByteBuf header, int nestingLevel) {
++        if (nestingLevel > MAX_NESTING_LEVEL) {
++            throw new HAProxyProtocolException(
++                    "Maximum TLV nesting level reached: " + nestingLevel + " (expected: < " + MAX_NESTING_LEVEL + ')');
++        }
+         // We need at least 4 bytes for a TLV
+         if (header.readableBytes() < 4) {
+             return null;
+@@ -276,7 +282,7 @@ public final class HAProxyMessage {
+ 
+                 final List<HAProxyTLV> encapsulatedTlvs = new ArrayList<HAProxyTLV>(4);
+                 do {
+-                    final HAProxyTLV haProxyTLV = readNextTLV(byteBuf);
++                    final HAProxyTLV haProxyTLV = readNextTLV(byteBuf, nestingLevel + 1);
+                     if (haProxyTLV == null) {
+                         break;
+                     }
+diff --git a/codec-haproxy/src/test/java/io/netty/handler/codec/haproxy/HAProxyMessageDecoderTest.java b/codec-haproxy/src/test/java/io/netty/handler/codec/haproxy/HAProxyMessageDecoderTest.java
+index 2d4039d..8d27e4a 100644
+--- a/codec-haproxy/src/test/java/io/netty/handler/codec/haproxy/HAProxyMessageDecoderTest.java
++++ b/codec-haproxy/src/test/java/io/netty/handler/codec/haproxy/HAProxyMessageDecoderTest.java
+@@ -16,6 +16,7 @@
+ package io.netty.handler.codec.haproxy;
+ 
+ import io.netty.buffer.ByteBuf;
++import io.netty.buffer.Unpooled;
+ import io.netty.channel.ChannelFuture;
+ import io.netty.channel.embedded.EmbeddedChannel;
+ import io.netty.handler.codec.ProtocolDetectionResult;
+@@ -26,6 +27,9 @@ import io.netty.util.CharsetUtil;
+ import org.junit.Before;
+ import org.junit.Test;
+ 
++import java.io.ByteArrayOutputStream;
++import java.nio.ByteBuffer;
++import java.nio.ByteOrder;
+ import java.util.List;
+ 
+ import static io.netty.buffer.Unpooled.*;
+@@ -1013,4 +1017,65 @@ public class HAProxyMessageDecoderTest {
+         assertNull(result.detectedProtocol());
+         incompleteHeader.release();
+     }
++
++    @Test
++    public void testNestedTLV() throws Exception {
++        ByteArrayOutputStream headerWriter = new ByteArrayOutputStream();
++        //src_ip = "AAAA", dst_ip = "BBBB", src_port = "CC", dst_port = "DD"
++        headerWriter.write(new byte[] {'A', 'A', 'A', 'A', 'B', 'B', 'B', 'B', 'C', 'C', 'D', 'D'});
++        //write TLVs
++        int countOfTLVs = 8100;
++        ByteBuffer tlvLengthBuf = ByteBuffer.allocate(2);
++        tlvLengthBuf.order(ByteOrder.BIG_ENDIAN);
++        short totalLength = (short) (countOfTLVs * (1 + 2 + 1 + 4));
++        for (int i = 0; i < countOfTLVs; i++) {
++            //write PP2_TYPE_SSL TLV
++            headerWriter.write(0x20); //PP2_TYPE_SSL
++            //notice that the TLV length cannot be bigger than 0xffff
++            totalLength -= 1 + 2; //exclude type and length themselves
++            tlvLengthBuf.clear();
++            tlvLengthBuf.putShort(totalLength);
++            //add to the header
++            headerWriter.write(tlvLengthBuf.array());
++            //write client field
++            headerWriter.write(1);
++            //write verify field
++            headerWriter.write(new byte[] {'V', 'V', 'V', 'V'});
++            //subtract the client and verify fields
++            totalLength -= 1 + 4;
++        }
++        byte[] header = headerWriter.toByteArray();
++        ByteBuffer numsWrite = ByteBuffer.allocate(2);
++        numsWrite.order(ByteOrder.BIG_ENDIAN);
++        numsWrite.putShort((short) header.length);
++
++        final  ByteBuf data = Unpooled.buffer();
++        data.writeBytes(new byte[] {
++                (byte) 0x0D,
++                (byte) 0x0A,
++                (byte) 0x0D,
++                (byte) 0x0A,
++                (byte) 0x00,
++                (byte) 0x0D,
++                (byte) 0x0A,
++                (byte) 0x51,
++                (byte) 0x55,
++                (byte) 0x49,
++                (byte) 0x54,
++                (byte) 0x0A
++        });
++        //verCmd = 32
++        byte versionCmd = 0x20 | 1; //V2 | ProxyCmd
++        data.writeByte(versionCmd);
++        data.writeByte(17); //TPAF_TCP4_BYTE
++        data.writeBytes(numsWrite.array());
++        data.writeBytes(header);
++
++        assertThrows(HAProxyProtocolException.class, new Executable() {
++            @Override
++            public void execute() {
++                ch.writeInbound(data);
++            }
++        });
++    }
+ }


=====================================
debian/patches/CVE-2022-41915.patch
=====================================
@@ -0,0 +1,903 @@
+From: Markus Koschany <apo at debian.org>
+Date: Tue, 10 Jan 2023 23:39:17 +0100
+Subject: CVE-2022-41915
+
+Bug-Debian: https://bugs.debian.org/1027180
+Origin: https://github.com/netty/netty/commit/fe18adff1c2b333acb135ab779a3b9ba3295a1c4
+---
+ .../handler/codec/http/DefaultHttpHeadersTest.java |  25 +-
+ .../io/netty/handler/codec/DefaultHeaders.java     | 391 +++++++++++++++++----
+ 2 files changed, 346 insertions(+), 70 deletions(-)
+
+diff --git a/codec-http/src/test/java/io/netty/handler/codec/http/DefaultHttpHeadersTest.java b/codec-http/src/test/java/io/netty/handler/codec/http/DefaultHttpHeadersTest.java
+index d0f6c41..44984a7 100644
+--- a/codec-http/src/test/java/io/netty/handler/codec/http/DefaultHttpHeadersTest.java
++++ b/codec-http/src/test/java/io/netty/handler/codec/http/DefaultHttpHeadersTest.java
+@@ -20,7 +20,7 @@ import io.netty.util.AsciiString;
+ import io.netty.util.internal.StringUtil;
+ import org.junit.Test;
+ 
+-import java.util.Arrays;
++import java.util.Collections;
+ import java.util.Iterator;
+ import java.util.List;
+ import java.util.Set;
+@@ -33,6 +33,7 @@ import static org.junit.Assert.*;
+ 
+ public class DefaultHttpHeadersTest {
+     private static final CharSequence HEADER_NAME = "testHeader";
++    private static final CharSequence ILLEGAL_VALUE = "testHeader\r\nContent-Length:45\r\n\r\n";
+ 
+     @Test(expected = IllegalArgumentException.class)
+     public void nullHeaderNameNotAllowed() {
+@@ -206,6 +207,28 @@ public class DefaultHttpHeadersTest {
+         assertDefaultValues(headers, HeaderValue.THREE);
+     }
+ 
++    @Test
++    public void setCharSequenceValidatesValue() {
++        final DefaultHttpHeaders headers = newDefaultDefaultHttpHeaders();
++        assertThrows(IllegalArgumentException.class, new Executable() {
++            @Override
++            public void execute() throws Throwable {
++                headers.set(HEADER_NAME, ILLEGAL_VALUE);
++            }
++        });
++    }
++
++    @Test
++    public void setIterableValidatesValue() {
++        final DefaultHttpHeaders headers = newDefaultDefaultHttpHeaders();
++        assertThrows(IllegalArgumentException.class, new Executable() {
++            @Override
++            public void execute() throws Throwable {
++                headers.set(HEADER_NAME, Collections.singleton(ILLEGAL_VALUE));
++            }
++        });
++    }
++
+     @Test
+     public void toStringOnEmptyHeaders() {
+         assertEquals("DefaultHttpHeaders[]", newDefaultDefaultHttpHeaders().toString());
+diff --git a/codec/src/main/java/io/netty/handler/codec/DefaultHeaders.java b/codec/src/main/java/io/netty/handler/codec/DefaultHeaders.java
+index df7266d..6abe71b 100644
+--- a/codec/src/main/java/io/netty/handler/codec/DefaultHeaders.java
++++ b/codec/src/main/java/io/netty/handler/codec/DefaultHeaders.java
+@@ -5,7 +5,7 @@
+  * "License"); you may not use this file except in compliance with the License. You may obtain a
+  * copy of the License at:
+  *
+- * http://www.apache.org/licenses/LICENSE-2.0
++ * https://www.apache.org/licenses/LICENSE-2.0
+  *
+  * Unless required by applicable law or agreed to in writing, software distributed under the License
+  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+@@ -52,6 +52,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+     private final byte hashMask;
+     private final ValueConverter<V> valueConverter;
+     private final NameValidator<K> nameValidator;
++    private final ValueValidator<V> valueValidator;
+     private final HashingStrategy<K> hashingStrategy;
+     int size;
+ 
+@@ -72,6 +73,22 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+         };
+     }
+ 
++    public interface ValueValidator<V> {
++        /**
++         * Validate the given value. If the validation fails, then an implementation specific runtime exception may be
++         * thrown.
++         *
++         * @param value The value to validate.
++         */
++        void validate(V value);
++
++        ValueValidator<?> NO_VALIDATION = new ValueValidator<Object>() {
++            @Override
++            public void validate(Object value) {
++            }
++        };
++    }
++
+     @SuppressWarnings("unchecked")
+     public DefaultHeaders(ValueConverter<V> valueConverter) {
+         this(JAVA_HASHER, valueConverter);
+@@ -102,13 +119,30 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+      */
+     @SuppressWarnings("unchecked")
+     public DefaultHeaders(HashingStrategy<K> nameHashingStrategy,
+-            ValueConverter<V> valueConverter, NameValidator<K> nameValidator, int arraySizeHint) {
++                          ValueConverter<V> valueConverter, NameValidator<K> nameValidator, int arraySizeHint) {
++        this(nameHashingStrategy, valueConverter, nameValidator, arraySizeHint,
++                (ValueValidator<V>) ValueValidator.NO_VALIDATION);
++    }
++
++    /**
++     * Create a new instance.
++     * @param nameHashingStrategy Used to hash and equality compare names.
++     * @param valueConverter Used to convert values to/from native types.
++     * @param nameValidator Used to validate name elements.
++     * @param arraySizeHint A hint as to how large the hash data structure should be.
++     * The next positive power of two will be used. An upper bound may be enforced.
++     * @param valueValidator The validation strategy for entry values.
++     */
++    @SuppressWarnings("unchecked")
++    public DefaultHeaders(HashingStrategy<K> nameHashingStrategy, ValueConverter<V> valueConverter,
++                          NameValidator<K> nameValidator, int arraySizeHint, ValueValidator<V> valueValidator) {
+         this.valueConverter = checkNotNull(valueConverter, "valueConverter");
+         this.nameValidator = checkNotNull(nameValidator, "nameValidator");
+-        this.hashingStrategy = checkNotNull(nameHashingStrategy, "nameHashingStrategy");
++        hashingStrategy = checkNotNull(nameHashingStrategy, "nameHashingStrategy");
++        this.valueValidator = checkNotNull(valueValidator, "valueValidator");
+         // Enforce a bound of [2, 128] because hashMask is a byte. The max possible value of hashMask is one less
+         // than the length of this array, and we want the mask to be > 0.
+-        entries = new DefaultHeaders.HeaderEntry[findNextPositivePowerOfTwo(max(2, min(arraySizeHint, 128)))];
++        entries = new HeaderEntry[findNextPositivePowerOfTwo(max(2, min(arraySizeHint, 128)))];
+         hashMask = (byte) (entries.length - 1);
+         head = new HeaderEntry<K, V>();
+     }
+@@ -197,52 +231,52 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ 
+     @Override
+     public boolean containsObject(K name, Object value) {
+-        return contains(name, valueConverter.convertObject(checkNotNull(value, "value")));
++        return contains(name, fromObject(name, value));
+     }
+ 
+     @Override
+     public boolean containsBoolean(K name, boolean value) {
+-        return contains(name, valueConverter.convertBoolean(value));
++        return contains(name, fromBoolean(name, value));
+     }
+ 
+     @Override
+     public boolean containsByte(K name, byte value) {
+-        return contains(name, valueConverter.convertByte(value));
++        return contains(name, fromByte(name, value));
+     }
+ 
+     @Override
+     public boolean containsChar(K name, char value) {
+-        return contains(name, valueConverter.convertChar(value));
++        return contains(name, fromChar(name, value));
+     }
+ 
+     @Override
+     public boolean containsShort(K name, short value) {
+-        return contains(name, valueConverter.convertShort(value));
++        return contains(name, fromShort(name, value));
+     }
+ 
+     @Override
+     public boolean containsInt(K name, int value) {
+-        return contains(name, valueConverter.convertInt(value));
++        return contains(name, fromInt(name, value));
+     }
+ 
+     @Override
+     public boolean containsLong(K name, long value) {
+-        return contains(name, valueConverter.convertLong(value));
++        return contains(name, fromLong(name, value));
+     }
+ 
+     @Override
+     public boolean containsFloat(K name, float value) {
+-        return contains(name, valueConverter.convertFloat(value));
++        return contains(name, fromFloat(name, value));
+     }
+ 
+     @Override
+     public boolean containsDouble(K name, double value) {
+-        return contains(name, valueConverter.convertDouble(value));
++        return contains(name, fromDouble(name, value));
+     }
+ 
+     @Override
+     public boolean containsTimeMillis(K name, long value) {
+-        return contains(name, valueConverter.convertTimeMillis(value));
++        return contains(name, fromTimeMillis(name, value));
+     }
+ 
+     @SuppressWarnings("unchecked")
+@@ -292,7 +326,8 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ 
+     @Override
+     public T add(K name, V value) {
+-        nameValidator.validateName(name);
++        validateName(nameValidator, true, name);
++        validateValue(valueValidator, name, value);
+         checkNotNull(value, "value");
+         int h = hashingStrategy.hashCode(name);
+         int i = index(h);
+@@ -302,10 +337,11 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ 
+     @Override
+     public T add(K name, Iterable<? extends V> values) {
+-        nameValidator.validateName(name);
++        validateName(nameValidator, true, name);
+         int h = hashingStrategy.hashCode(name);
+         int i = index(h);
+         for (V v: values) {
++            validateValue(valueValidator, name, v);
+             add0(h, i, name, v);
+         }
+         return thisT();
+@@ -313,10 +349,11 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ 
+     @Override
+     public T add(K name, V... values) {
+-        nameValidator.validateName(name);
++        validateName(nameValidator, true, name);
+         int h = hashingStrategy.hashCode(name);
+         int i = index(h);
+         for (V v: values) {
++            validateValue(valueValidator, name, v);
+             add0(h, i, name, v);
+         }
+         return thisT();
+@@ -324,7 +361,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ 
+     @Override
+     public T addObject(K name, Object value) {
+-        return add(name, valueConverter.convertObject(checkNotNull(value, "value")));
++        return add(name, fromObject(name, value));
+     }
+ 
+     @Override
+@@ -345,47 +382,47 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ 
+     @Override
+     public T addInt(K name, int value) {
+-        return add(name, valueConverter.convertInt(value));
++        return add(name, fromInt(name, value));
+     }
+ 
+     @Override
+     public T addLong(K name, long value) {
+-        return add(name, valueConverter.convertLong(value));
++        return add(name, fromLong(name, value));
+     }
+ 
+     @Override
+     public T addDouble(K name, double value) {
+-        return add(name, valueConverter.convertDouble(value));
++        return add(name, fromDouble(name, value));
+     }
+ 
+     @Override
+     public T addTimeMillis(K name, long value) {
+-        return add(name, valueConverter.convertTimeMillis(value));
++        return add(name, fromTimeMillis(name, value));
+     }
+ 
+     @Override
+     public T addChar(K name, char value) {
+-        return add(name, valueConverter.convertChar(value));
++        return add(name, fromChar(name, value));
+     }
+ 
+     @Override
+     public T addBoolean(K name, boolean value) {
+-        return add(name, valueConverter.convertBoolean(value));
++        return add(name, fromBoolean(name, value));
+     }
+ 
+     @Override
+     public T addFloat(K name, float value) {
+-        return add(name, valueConverter.convertFloat(value));
++        return add(name, fromFloat(name, value));
+     }
+ 
+     @Override
+     public T addByte(K name, byte value) {
+-        return add(name, valueConverter.convertByte(value));
++        return add(name, fromByte(name, value));
+     }
+ 
+     @Override
+     public T addShort(K name, short value) {
+-        return add(name, valueConverter.convertShort(value));
++        return add(name, fromShort(name, value));
+     }
+ 
+     @Override
+@@ -427,7 +464,8 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ 
+     @Override
+     public T set(K name, V value) {
+-        nameValidator.validateName(name);
++        validateName(nameValidator, false, name);
++        validateValue(valueValidator, name, value);
+         checkNotNull(value, "value");
+         int h = hashingStrategy.hashCode(name);
+         int i = index(h);
+@@ -438,7 +476,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ 
+     @Override
+     public T set(K name, Iterable<? extends V> values) {
+-        nameValidator.validateName(name);
++        validateName(nameValidator, false, name);
+         checkNotNull(values, "values");
+ 
+         int h = hashingStrategy.hashCode(name);
+@@ -449,6 +487,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+             if (v == null) {
+                 break;
+             }
++            validateValue(valueValidator, name, v);
+             add0(h, i, name, v);
+         }
+ 
+@@ -457,7 +496,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ 
+     @Override
+     public T set(K name, V... values) {
+-        nameValidator.validateName(name);
++        validateName(nameValidator, false, name);
+         checkNotNull(values, "values");
+ 
+         int h = hashingStrategy.hashCode(name);
+@@ -468,6 +507,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+             if (v == null) {
+                 break;
+             }
++            validateValue(valueValidator, name, v);
+             add0(h, i, name, v);
+         }
+ 
+@@ -476,14 +516,13 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ 
+     @Override
+     public T setObject(K name, Object value) {
+-        checkNotNull(value, "value");
+-        V convertedValue = checkNotNull(valueConverter.convertObject(value), "convertedValue");
++        V convertedValue = checkNotNull(fromObject(name, value), "convertedValue");
+         return set(name, convertedValue);
+     }
+ 
+     @Override
+     public T setObject(K name, Iterable<?> values) {
+-        nameValidator.validateName(name);
++        validateName(nameValidator, false, name);
+ 
+         int h = hashingStrategy.hashCode(name);
+         int i = index(h);
+@@ -493,7 +532,9 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+             if (v == null) {
+                 break;
+             }
+-            add0(h, i, name, valueConverter.convertObject(v));
++            V converted = fromObject(name, v);
++            validateValue(valueValidator, name, converted);
++            add0(h, i, name, converted);
+         }
+ 
+         return thisT();
+@@ -501,7 +542,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ 
+     @Override
+     public T setObject(K name, Object... values) {
+-        nameValidator.validateName(name);
++        validateName(nameValidator, false, name);
+ 
+         int h = hashingStrategy.hashCode(name);
+         int i = index(h);
+@@ -511,7 +552,9 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+             if (v == null) {
+                 break;
+             }
+-            add0(h, i, name, valueConverter.convertObject(v));
++            V converted = fromObject(name, v);
++            validateValue(valueValidator, name, converted);
++            add0(h, i, name, converted);
+         }
+ 
+         return thisT();
+@@ -519,47 +562,47 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+ 
+     @Override
+     public T setInt(K name, int value) {
+-        return set(name, valueConverter.convertInt(value));
++        return set(name, fromInt(name, value));
+     }
+ 
+     @Override
+     public T setLong(K name, long value) {
+-        return set(name, valueConverter.convertLong(value));
++        return set(name, fromLong(name, value));
+     }
+ 
+     @Override
+     public T setDouble(K name, double value) {
+-        return set(name, valueConverter.convertDouble(value));
++        return set(name, fromDouble(name, value));
+     }
+ 
+     @Override
+     public T setTimeMillis(K name, long value) {
+-        return set(name, valueConverter.convertTimeMillis(value));
++        return set(name, fromTimeMillis(name, value));
+     }
+ 
+     @Override
+     public T setFloat(K name, float value) {
+-        return set(name, valueConverter.convertFloat(value));
++        return set(name, fromFloat(name, value));
+     }
+ 
+     @Override
+     public T setChar(K name, char value) {
+-        return set(name, valueConverter.convertChar(value));
++        return set(name, fromChar(name, value));
+     }
+ 
+     @Override
+     public T setBoolean(K name, boolean value) {
+-        return set(name, valueConverter.convertBoolean(value));
++        return set(name, fromBoolean(name, value));
+     }
+ 
+     @Override
+     public T setByte(K name, byte value) {
+-        return set(name, valueConverter.convertByte(value));
++        return set(name, fromByte(name, value));
+     }
+ 
+     @Override
+     public T setShort(K name, short value) {
+-        return set(name, valueConverter.convertShort(value));
++        return set(name, fromShort(name, value));
+     }
+ 
+     @Override
+@@ -604,7 +647,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+     public Boolean getBoolean(K name) {
+         V v = get(name);
+         try {
+-            return v != null ? valueConverter.convertToBoolean(v) : null;
++            return v != null ? toBoolean(name, v) : null;
+         } catch (RuntimeException ignore) {
+             return null;
+         }
+@@ -620,7 +663,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+     public Byte getByte(K name) {
+         V v = get(name);
+         try {
+-            return v != null ? valueConverter.convertToByte(v) : null;
++            return v != null ? toByte(name, v) : null;
+         } catch (RuntimeException ignore) {
+             return null;
+         }
+@@ -636,7 +679,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+     public Character getChar(K name) {
+         V v = get(name);
+         try {
+-            return v != null ? valueConverter.convertToChar(v) : null;
++            return v != null ? toChar(name, v) : null;
+         } catch (RuntimeException ignore) {
+             return null;
+         }
+@@ -652,7 +695,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+     public Short getShort(K name) {
+         V v = get(name);
+         try {
+-            return v != null ? valueConverter.convertToShort(v) : null;
++            return v != null ? toShort(name, v) : null;
+         } catch (RuntimeException ignore) {
+             return null;
+         }
+@@ -668,7 +711,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+     public Integer getInt(K name) {
+         V v = get(name);
+         try {
+-            return v != null ? valueConverter.convertToInt(v) : null;
++            return v != null ? toInt(name, v) : null;
+         } catch (RuntimeException ignore) {
+             return null;
+         }
+@@ -684,7 +727,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+     public Long getLong(K name) {
+         V v = get(name);
+         try {
+-            return v != null ? valueConverter.convertToLong(v) : null;
++            return v != null ? toLong(name, v) : null;
+         } catch (RuntimeException ignore) {
+             return null;
+         }
+@@ -700,7 +743,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+     public Float getFloat(K name) {
+         V v = get(name);
+         try {
+-            return v != null ? valueConverter.convertToFloat(v) : null;
++            return v != null ? toFloat(name, v) : null;
+         } catch (RuntimeException ignore) {
+             return null;
+         }
+@@ -716,7 +759,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+     public Double getDouble(K name) {
+         V v = get(name);
+         try {
+-            return v != null ? valueConverter.convertToDouble(v) : null;
++            return v != null ? toDouble(name, v) : null;
+         } catch (RuntimeException ignore) {
+             return null;
+         }
+@@ -732,7 +775,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+     public Long getTimeMillis(K name) {
+         V v = get(name);
+         try {
+-            return v != null ? valueConverter.convertToTimeMillis(v) : null;
++            return v != null ? toTimeMillis(name, v) : null;
+         } catch (RuntimeException ignore) {
+             return null;
+         }
+@@ -748,7 +791,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+     public Boolean getBooleanAndRemove(K name) {
+         V v = getAndRemove(name);
+         try {
+-            return v != null ? valueConverter.convertToBoolean(v) : null;
++            return v != null ? toBoolean(name, v) : null;
+         } catch (RuntimeException ignore) {
+             return null;
+         }
+@@ -764,7 +807,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+     public Byte getByteAndRemove(K name) {
+         V v = getAndRemove(name);
+         try {
+-            return v != null ? valueConverter.convertToByte(v) : null;
++            return v != null ? toByte(name, v) : null;
+         } catch (RuntimeException ignore) {
+             return null;
+         }
+@@ -780,7 +823,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+     public Character getCharAndRemove(K name) {
+         V v = getAndRemove(name);
+         try {
+-            return v != null ? valueConverter.convertToChar(v) : null;
++            return v != null ? toChar(name, v) : null;
+         } catch (RuntimeException ignore) {
+             return null;
+         }
+@@ -796,7 +839,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+     public Short getShortAndRemove(K name) {
+         V v = getAndRemove(name);
+         try {
+-            return v != null ? valueConverter.convertToShort(v) : null;
++            return v != null ? toShort(name, v) : null;
+         } catch (RuntimeException ignore) {
+             return null;
+         }
+@@ -812,7 +855,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+     public Integer getIntAndRemove(K name) {
+         V v = getAndRemove(name);
+         try {
+-            return v != null ? valueConverter.convertToInt(v) : null;
++            return v != null ? toInt(name, v) : null;
+         } catch (RuntimeException ignore) {
+             return null;
+         }
+@@ -828,7 +871,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+     public Long getLongAndRemove(K name) {
+         V v = getAndRemove(name);
+         try {
+-            return v != null ? valueConverter.convertToLong(v) : null;
++            return v != null ? toLong(name, v) : null;
+         } catch (RuntimeException ignore) {
+             return null;
+         }
+@@ -844,7 +887,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+     public Float getFloatAndRemove(K name) {
+         V v = getAndRemove(name);
+         try {
+-            return v != null ? valueConverter.convertToFloat(v) : null;
++            return v != null ? toFloat(name, v) : null;
+         } catch (RuntimeException ignore) {
+             return null;
+         }
+@@ -860,7 +903,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+     public Double getDoubleAndRemove(K name) {
+         V v = getAndRemove(name);
+         try {
+-            return v != null ? valueConverter.convertToDouble(v) : null;
++            return v != null ? toDouble(name, v) : null;
+         } catch (RuntimeException ignore) {
+             return null;
+         }
+@@ -876,7 +919,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+     public Long getTimeMillisAndRemove(K name) {
+         V v = getAndRemove(name);
+         try {
+-            return v != null ? valueConverter.convertToTimeMillis(v) : null;
++            return v != null ? toTimeMillis(name, v) : null;
+         } catch (RuntimeException ignore) {
+             return null;
+         }
+@@ -957,6 +1000,22 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+         return HeadersUtils.toString(getClass(), iterator(), size());
+     }
+ 
++    /**
++     * Call out to the given {@link NameValidator} to validate the given name.
++     *
++     * @param validator the validator to use
++     * @param forAdd {@code true } if this validation is for adding to the headers, or {@code false} if this is for
++     * setting (overwriting) the given header.
++     * @param name the name to validate.
++     */
++    protected void validateName(NameValidator<K> validator, boolean forAdd, K name) {
++        validator.validateName(name);
++    }
++
++    protected void validateValue(ValueValidator<V> validator, K name, V value) {
++        validator.validate(value);
++    }
++
+     protected HeaderEntry<K, V> newHeaderEntry(int h, K name, V value, HeaderEntry<K, V> next) {
+         return new HeaderEntry<K, V>(h, name, value, next, head);
+     }
+@@ -965,6 +1024,14 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+         return valueConverter;
+     }
+ 
++    protected NameValidator<K> nameValidator() {
++        return nameValidator;
++    }
++
++    protected ValueValidator<V> valueValidator() {
++        return valueValidator;
++    }
++
+     private int index(int hash) {
+         return hash & hashMask;
+     }
+@@ -1012,11 +1079,188 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+         return value;
+     }
+ 
++    HeaderEntry<K, V> remove0(HeaderEntry<K, V> entry, HeaderEntry<K, V> previous) {
++        int i = index(entry.hash);
++        HeaderEntry<K, V> firstEntry = entries[i];
++        if (firstEntry == entry) {
++            entries[i] = entry.next;
++            previous = entries[i];
++        } else if (previous == null) {
++            // If we don't have any existing starting point, then start from the beginning.
++            previous = firstEntry;
++            HeaderEntry<K, V> next = firstEntry.next;
++            while (next != null && next != entry) {
++                previous = next;
++                next = next.next;
++            }
++            assert next != null: "Entry not found in its hash bucket: " + entry;
++            previous.next = entry.next;
++        } else {
++            previous.next = entry.next;
++        }
++        entry.remove();
++        --size;
++        return previous;
++    }
++
+     @SuppressWarnings("unchecked")
+     private T thisT() {
+         return (T) this;
+     }
+ 
++    private V fromObject(K name, Object value) {
++        try {
++            return valueConverter.convertObject(checkNotNull(value, "value"));
++        } catch (IllegalArgumentException e) {
++            throw new IllegalArgumentException("Failed to convert object value for header '" + name + '\'', e);
++        }
++    }
++
++    private V fromBoolean(K name, boolean value) {
++        try {
++            return valueConverter.convertBoolean(value);
++        } catch (IllegalArgumentException e) {
++            throw new IllegalArgumentException("Failed to convert boolean value for header '" + name + '\'', e);
++        }
++    }
++
++    private V fromByte(K name, byte value) {
++        try {
++            return valueConverter.convertByte(value);
++        } catch (IllegalArgumentException e) {
++            throw new IllegalArgumentException("Failed to convert byte value for header '" + name + '\'', e);
++        }
++    }
++
++    private V fromChar(K name, char value) {
++        try {
++            return valueConverter.convertChar(value);
++        } catch (IllegalArgumentException e) {
++            throw new IllegalArgumentException("Failed to convert char value for header '" + name + '\'', e);
++        }
++    }
++
++    private V fromShort(K name, short value) {
++        try {
++            return valueConverter.convertShort(value);
++        } catch (IllegalArgumentException e) {
++            throw new IllegalArgumentException("Failed to convert short value for header '" + name + '\'', e);
++        }
++    }
++
++    private V fromInt(K name, int value) {
++        try {
++            return valueConverter.convertInt(value);
++        } catch (IllegalArgumentException e) {
++            throw new IllegalArgumentException("Failed to convert int value for header '" + name + '\'', e);
++        }
++    }
++
++    private V fromLong(K name, long value) {
++        try {
++            return valueConverter.convertLong(value);
++        } catch (IllegalArgumentException e) {
++            throw new IllegalArgumentException("Failed to convert long value for header '" + name + '\'', e);
++        }
++    }
++
++    private V fromFloat(K name, float value) {
++        try {
++            return valueConverter.convertFloat(value);
++        } catch (IllegalArgumentException e) {
++            throw new IllegalArgumentException("Failed to convert float value for header '" + name + '\'', e);
++        }
++    }
++
++    private V fromDouble(K name, double value) {
++        try {
++            return valueConverter.convertDouble(value);
++        } catch (IllegalArgumentException e) {
++            throw new IllegalArgumentException("Failed to convert double value for header '" + name + '\'', e);
++        }
++    }
++
++    private V fromTimeMillis(K name, long value) {
++        try {
++            return valueConverter.convertTimeMillis(value);
++        } catch (IllegalArgumentException e) {
++            throw new IllegalArgumentException("Failed to convert millsecond value for header '" + name + '\'', e);
++        }
++    }
++
++    private boolean toBoolean(K name, V value) {
++        try {
++            return valueConverter.convertToBoolean(value);
++        } catch (IllegalArgumentException e) {
++            throw new IllegalArgumentException("Failed to convert header value to boolean for header '" + name + '\'');
++        }
++    }
++
++    private byte toByte(K name, V value) {
++        try {
++            return valueConverter.convertToByte(value);
++        } catch (IllegalArgumentException e) {
++            throw new IllegalArgumentException("Failed to convert header value to byte for header '" + name + '\'');
++        }
++    }
++
++    private char toChar(K name, V value) {
++        try {
++            return valueConverter.convertToChar(value);
++        } catch (IllegalArgumentException e) {
++            throw new IllegalArgumentException("Failed to convert header value to char for header '" + name + '\'');
++        }
++    }
++
++    private short toShort(K name, V value) {
++        try {
++            return valueConverter.convertToShort(value);
++        } catch (IllegalArgumentException e) {
++            throw new IllegalArgumentException("Failed to convert header value to short for header '" + name + '\'');
++        }
++    }
++
++    private int toInt(K name, V value) {
++        try {
++            return valueConverter.convertToInt(value);
++        } catch (IllegalArgumentException e) {
++            throw new IllegalArgumentException("Failed to convert header value to int for header '" + name + '\'');
++        }
++    }
++
++    private long toLong(K name, V value) {
++        try {
++            return valueConverter.convertToLong(value);
++        } catch (IllegalArgumentException e) {
++            throw new IllegalArgumentException("Failed to convert header value to long for header '" + name + '\'');
++        }
++    }
++
++    private float toFloat(K name, V value) {
++        try {
++            return valueConverter.convertToFloat(value);
++        } catch (IllegalArgumentException e) {
++            throw new IllegalArgumentException("Failed to convert header value to float for header '" + name + '\'');
++        }
++    }
++
++    private double toDouble(K name, V value) {
++        try {
++            return valueConverter.convertToDouble(value);
++        } catch (IllegalArgumentException e) {
++            throw new IllegalArgumentException("Failed to convert header value to double for header '" + name + '\'');
++        }
++    }
++
++    private long toTimeMillis(K name, V value) {
++        try {
++            return valueConverter.convertToTimeMillis(value);
++        } catch (IllegalArgumentException e) {
++            throw new IllegalArgumentException(
++                    "Failed to convert header value to millsecond for header '" + name + '\'');
++        }
++    }
++
+     /**
+      * Returns a deep copy of this instance.
+      */
+@@ -1027,7 +1271,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+         return copy;
+     }
+ 
+-    private final class HeaderIterator implements Iterator<Map.Entry<K, V>> {
++    private final class HeaderIterator implements Iterator<Entry<K, V>> {
+         private HeaderEntry<K, V> current = head;
+ 
+         @Override
+@@ -1055,6 +1299,8 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+     private final class ValueIterator implements Iterator<V> {
+         private final K name;
+         private final int hash;
++        private HeaderEntry<K, V> removalPrevious;
++        private HeaderEntry<K, V> previous;
+         private HeaderEntry<K, V> next;
+ 
+         ValueIterator(K name) {
+@@ -1073,14 +1319,21 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+             if (!hasNext()) {
+                 throw new NoSuchElementException();
+             }
+-            HeaderEntry<K, V> current = next;
++            if (previous != null) {
++                removalPrevious = previous;
++            }
++            previous = next;
+             calculateNext(next.next);
+-            return current.value;
++            return previous.value;
+         }
+ 
+         @Override
+         public void remove() {
+-            throw new UnsupportedOperationException("read only");
++            if (previous == null) {
++                throw new IllegalStateException();
++            }
++            removalPrevious = remove0(previous, removalPrevious);
++            previous = null;
+         }
+ 
+         private void calculateNext(HeaderEntry<K, V> entry) {
+@@ -1095,7 +1348,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+         }
+     }
+ 
+-    protected static class HeaderEntry<K, V> implements Map.Entry<K, V> {
++    protected static class HeaderEntry<K, V> implements Entry<K, V> {
+         protected final int hash;
+         protected final K key;
+         protected V value;
+@@ -1176,7 +1429,7 @@ public class DefaultHeaders<K, V, T extends Headers<K, V, T>> implements Headers
+             if (!(o instanceof Map.Entry)) {
+                 return false;
+             }
+-            Map.Entry<?, ?> other = (Map.Entry<?, ?>) o;
++            Entry<?, ?> other = (Entry<?, ?>) o;
+             return (getKey() == null ? other.getKey() == null : getKey().equals(other.getKey()))  &&
+                    (getValue() == null ? other.getValue() == null : getValue().equals(other.getValue()));
+         }


=====================================
debian/patches/series
=====================================
@@ -18,3 +18,8 @@ CVE-2020-11612.patch
 CVE-2021-21290.patch
 CVE-2021-21295.patch
 CVE-2021-21409.patch
+CVE-2021-37136.patch
+CVE-2021-37137.patch
+CVE-2021-43797.patch
+CVE-2022-41881.patch
+CVE-2022-41915.patch



View it on GitLab: https://salsa.debian.org/java-team/netty/-/compare/c9d651daeca3303cb9d659b41b18e8b6411ee77b...95a586050ebca67868165377a7b8d7b55b790f4f

-- 
View it on GitLab: https://salsa.debian.org/java-team/netty/-/compare/c9d651daeca3303cb9d659b41b18e8b6411ee77b...95a586050ebca67868165377a7b8d7b55b790f4f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-java-commits/attachments/20230111/486d23ae/attachment.htm>


More information about the pkg-java-commits mailing list