Bug#982580: netty: CVE-2021-21290
Salvatore Bonaccorso
carnil at debian.org
Fri Feb 12 20:11:22 GMT 2021
hey Markus,
[Adding CC to team at s.do so we can better distribute load on requests]
On Fri, Feb 12, 2021 at 08:31:11PM +0100, Markus Koschany wrote:
> Control: owner -1 !
>
> Hi Salvatore,
>
> Am Freitag, den 12.02.2021, 07:42 +0100 schrieb Salvatore Bonaccorso:
> > Source: netty
> > Version: 1:4.1.48-1
> > Severity: important
> > Tags: security upstream
> > X-Debbugs-Cc: carnil at debian.org, Debian Security Team <
> > team at security.debian.org>
> > Control: found -1 1:4.1.33-1+deb10u1
> > Control: found -1 1:4.1.33-1
> >
> > Hi,
> >
> > The following vulnerability was published for netty.
>
> Thanks for the report. I'll take care of unstable. Did Chris contact you for a
> Buster update already or shall I prepare one as well?
Thanks for the unstable part!
For buster: not so far. netty indeed warrants a DSA and we listed it
already in dsa-needed list. If you want to take care of it, can you as
well please look at the other open issues for buster-security and pick
those up as well?
Regards,
Salvatore
More information about the pkg-java-maintainers
mailing list