Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

netty-4.1.115-1.1 RPM for x86_64

From OpenSuSE Tumbleweed for x86_64

Name: netty Distribution: openSUSE Tumbleweed
Version: 4.1.115 Vendor: openSUSE
Release: 1.1 Build date: Thu Dec 5 13:48:41 2024
Group: Unspecified Build host: reproducible
Size: 4957750 Source RPM: netty-4.1.115-1.1.src.rpm
Packager: https://bugs.opensuse.org
Url: https://netty.io/
Summary: An asynchronous event-driven network application framework and tools for Java
Netty is a NIO client server framework which enables quick and easy
development of network applications such as protocol servers and
clients. It greatly simplifies and streamlines network programming
such as TCP and UDP socket server.

'Quick and easy' doesn't mean that a resulting application will suffer
from a maintainability or a performance issue. Netty has been designed
carefully with the experiences earned from the implementation of a lot
of protocols such as FTP, SMTP, HTTP, and various binary and
text-based legacy protocols. As a result, Netty has succeeded to find
a way to achieve ease of development, performance, stability, and
flexibility without a compromise.

Provides

Requires

License

Apache-2.0

Changelog

* Thu Dec 05 2024 Fridrich Strba <fstrba@suse.com>
  - Upgrade to upstream version 4.1.115
    * Fixes:
      + Allow MessageToMessageDecoder to take care of reading more
      data when needed
      + Fix SSL session resumption with ClientAuth.OPTIONAL and add
      tests with session tickets
      + Fix incorrect cast in NioDomainSocketChannel.parent()
      + Fix bug where SslHandler may stall after TLSv1.3 handshake
      with delegate tasks
      + AdaptiveByteBufAllocator: Make pooling of AdaptiveByteBuf
      magazine local
      + Specialize Adaptive's allocator Recycler based on magazine's
      owner
      + Fix epoll_wait retry loop
      + Log / include the correct error during handshake failure
      + Convey autoAckPing in http2 decoder constructor chain
      + Allow to set used named groups per OpenSslContext
      + Verify default named groups before using them with native SSL
      implementation
      + Include details on why it was not possible to configure
      accepted issuers in the SSLException
      + Correctly detect if KeyManager is not supported by OpenSSL
      version
      + Preserve ordering of default named groups during conversation
      + Denial of Service attack on windows app using netty
      (bsc#1233297, CVE-2024-47535)
  - Split the netty-poms package in netty-parent and netty-bom
  - Modified patch:
    * 0001-Remove-optional-dep-Blockhound.patch
      + rediff
* Wed Nov 27 2024 Fridrich Strba <fstrba@suse.com>
  - Clean a bit the spec file and adapt to the recent changes in
    netty-tcnative package
  - Removed patches:
    * 0005-Do-not-use-the-Graal-annotations.patch
    * 0006-Do-not-use-the-Jetbrains-annotations.patch
      + remove the annotations with a macro in the jurand tool
    * 0007-Do-not-require-the-tcnative-native-library.patch
      + we are building now the artifact, so we can require it
* Wed Oct 30 2024 Fridrich Strba <fstrba@suse.com>
  - Upgrade to upstream version 4.1.114
    * Fixes of 4.1.114:
      + Validate HTTP Method
      + Release AdaptiveByteBuf when ownership could not be transfered
      + Make arenas reuse their last chunk more aggressively
      + Only add Magazine to Set if we can ensure its removed again
      + Ensure Chunk will not leak if init of AdaptiveByteBuf fails
      for whatever reason
      + Correctly release one-off allocated chunks
      + Ensure pooled memory is released when
      AdaptivePoolingAllocator is GC'ed
      + Slices / duplicates of AdaptiveByteBuf must not escape the
      rootParent
      + Fix sizeBucket bug in AdaptivePoolingAllocator
      + AdaptiveByteBufAllocator: More strict reference counting for
      chunks
      + Ensure we not store the DnsQueryContext for later removal when
      we couldnt obtain a query id
      + Reduce memory fragmentation
      + Properly free magazine chunks and avoid orphaned magazines
      + Magazines must be freed under the expand lock
      + Release message before failing promise when multiple requests
      are written while upgrade is in progress.
      + Allow to reuse more then one session per host / port mapping
      + Ensure writes will not fail when triggered after receiving
      UpgradeEvent.UPGRADE_SUCCESSFUL
      + Refactor DnsNameResolver to be able to use different
      strategies when it comes to creating Channels for queries.
      + DnsNameResolver: allow users to skip bind() during bootstrap
      + DnsResolverBuilder methods should make it clear that these are
      for DatagramChannel
    * Fixes of 4.1.113:
      + feat: Support for IP_BIND_ADDRESS_NO_PORT socket option
      + Ensure AbstractCoalescingBufferQueue does not end up in
      inconsistent state on error
      + Add new SslHandler.isEncrypted(...) variant that will not
      produce false positives
      + Ensure flushes are not discarded by ChunkedWriteHandler for
      passed through messages
      + Remove reference to parent in recycled buffers for leak
      detection
      + Upgrade to netty-tcnative 2.0.66.Final
      + Cleanup fields on AdaptiveByteBuf::deallocate
    * Fixes of 4.1.112:
      + Avoid unnecessary reflective probes on netty initialization
      + Allow control frames between fragments
      + Only delete the socket file for NioServerDomainSocketChannel
      + Add check for IPv6 brackets when address is unresolved
      + fix ResolvConf initialization with SecurityManager enabled
      + Fix potential DNS cache invalidation in
      ResolveWithDotSearchDomain scenario
      + Backport the SslContextBuilder.endpointIdentificationAlgorithm
      method
      + Aggressively remove PoolThreadCache references from its
      finalizer object
      + Send Http2PriorityFrame through fireUserEventTriggered for
      Http2MultiplexHandler
      + Fix potential DNS cache invalidation across different
      EventLoops
      + Reject http header values with non SP / HTAB chars
      + Don't strip whitespaces from header names and let the
      validator handle it
      + Reject request if NUL is present in the request line
      + Allow HTTP responses without reason-phrase
      + Validate HTTP version while decoding
      + Only include scopeId on link-local addresses when using native
      transport
    * Fixes of 4.1.111:
      + ReadOnlyByteBufferBuf | ReadOnlyUnsafeDirectByteBuf get, copy,
      duplicate, slice methods should be safe to be called from
      multiple threads
      + ReadyOnlyBuf must return false for isWritable() when sliced or
      duplicated
      + ReadOnlyByteBuf (and sub-classes) does not create derived
      buffers that share reference count
      + ByteBuf.asReadOnly().nioBuffer*() need to return read-only
      ByteBuffer
      + Remove unwanted mandatory dependency in OSGi
      + HashedWheelTimer.stop() must cancel tasks
      + ZSTD decompression not resilient to compression bombs
      + Duplicate of slice should have the same capacity as the
      original slice so that it's not writable
      + Optimize wrap buffer cumulation in SslHandler and don't mutate
      input buffers
      + Prepare for unsafe memory access deprecated for removal
      + Fix AdaptiveByteBufAllocator class loading on Java 6/7
      + Add missing NULL checks in native code
    * Fixes of 4.1.110:
      + Add unix domain socket transport in netty 4.x via JDK16+
      + Backport #13075: Add the AdaptivePoolingAllocator
      + Add no-value key handling only for form body
      + Add support for specifying SecureRandom in SSLContext
      initialization
    * Fixes of 4.1.109:
      + Utilize ByteBuf#indexOf
      + Don't send a RST frame when closing the stream in a write
      future while processing inbound frames
      + Fix DefaultChannelId#asLongText NPE
      + Fix voidPromise in Http2FrameCodec.writeHeadersFrame
      + Make /etc/resolv.conf reading more robust
      + Fix NioSocketChannel usage in graalvm native-image
      + Improve ByteBufUtil#firstIndexOf
      + Rewrite ZstdDecoder to remove the need of allocate a huge
      byte[] internally
      + Always log registered/detected ChannelInitializerExtension(s)
      at INFO level
      + Enhance AsciiString#toLowerCase and AsciiString#toUpperCase
      + Add support for zstd http content decompression
      + Save Snappy's encode tmp table allocation
  - Regenerated patches:
    * 0001-Remove-optional-dep-Blockhound.patch
    * 0002-Remove-optional-dep-conscrypt.patch
    * 0003-Remove-optional-deps-jetty-alpn-and-npn.patch
    * 0004-Disable-Brotli-and-ZStd-compression.patch
    * 0005-Do-not-use-the-Graal-annotations.patch
    * 0006-Do-not-use-the-Jetbrains-annotations.patch
    * 0007-Do-not-require-the-tcnative-native-library.patch
* Tue Sep 24 2024 Bernhard Wiedemann <bwiedemann@suse.com>
  - Add reproducible.patch to omit the mtime from libnetty-unix-common.a
    for reproducible builds (boo#1047218)
* Wed Mar 27 2024 Fridrich Strba <fstrba@suse.com>
  - Upgrade to upstream version 4.1.108
    * Fixes of 4.1.108:
      + HttpPostRequestDecoder can OOM (bsc#1222045, CVE-2024-29025)
      + Add zstd decoder
      + Updated HTTP2 Reader to fix missing header state
      + codec-http2: fix some frame validation errors
      + SSL: Only wrap TrustManager if FIPS is not used
      + Epoll: Correctly handle splice tasks when Channel is closed
      + Allow to cancel connect() operations when using non-blocking
      IO
      + DNS resolver final CNAME lookup disabled
      + DNS: Add DnsRecordType definitions for SVCB and HTTPS
      + SSL: Only try to use TLSv1.3 if a compatible ciphersuite is
      configured
      + Backport 'Fix buffer leak in DefaultHttp2HeadersEncoder' to v4
      + SSL: Hold the right monitor while running delegating task
      + SSL: Execute SSL_do_handshake(...) after task is run to ensure
      SSLEngine.getHandshakeStatus() returns the correct value all
      the time
      + Add active flag to EpollServerDomainSocketChannel fd
      constructor
      + Epoll: Fix possible Classloader deadlock caused by loading
      class via JNI
      + Prefer /etc/resolv.conf on Linux and Mac
      + Handle invalid cookie value
      + Upgrade to latest tcnative release
      + ByteToMessageDecoder.channelReadComplete(...) does call read()
      too often
      + Remove the lock usage in PoolArena#numPinnedBytes()
      + Fix x-www-form-urlencoded parsing for no-value key
      (re-submission)
    * Fixes of 4.1.107:
      + Speedup pseudoheader lookup
      + Add support for the Partitioned attribute in cookies
      + Reduce HTTP 1.1 Full msg pipeline traversals
      + DnsNameResolver: Add DnsQueryIdSpace class to reduce overhead
      while generating IDs
      + Fix copy-paste mistake in
      LazyX509Certificate.getIssuerAlternativeNames()
      + HTTP2: lastStreamCreated() does return the wrong value when
      all stream ids were used
      + HTTP2: Update local window should not fail queued frames
      + DnsNameResolver: Allways call bind() during bootstrap
      + HTTP: HttpObjectDecoder must not use HTTPMessage once it is
      passed to the next handler in the ChannelPipeline
      + Ensure key / values are shared between resumed sessions
      + SSLSession.getLastAccessedTime() and getCreationTime() should
      not be equal when session is reused
      + Snappy: Use unsigned short to handle 2 ^ 16 input size instead
      of 2 ^ 15
    * Fixes of 4.1.106:
      + HTTP2: Prevent sharing the index of the continuation frame
      header ByteBuf.
      + DnsNameResolver: Fail query if id space is exhausted
      + Short-circuit ByteBuf::release
    * Fixes of 4.1.105:
      + Fix exception on HTTP chunk size overflow
      + Default value of MAX_MESSAGES_PER_READ not used for native
      DatagramChannels
      + Redo fix scalability issue due to checkcast on context's
      invoke operations
      + Be able to retry the query via TCP if a query failed because
      of a timeout
      + Save HTTP 2 pseudo-header lower-case validation
      + DnsNameResolver: Limit connect timeout to query timeout
      + h2: propagate stream close without read pending, avoid SOOE
      if !autoRead
    * Fixes of 4.1.104:
      + dyld: Symbol not found: _netty_jni_util_JNI_OnLoad
    * Fixes of 4.1.103:
      + Workaround for regex bug in Android SDK
      + Use Http2Headers.size() instead of isEmpty()
      + Add support for RISC-V
    * Fixes of 4.1.101:
      + Add service-loaded extension points for channel initialization
      + Added check for pseudo-headers in trailers
      + Automatically close Http2StreamChannel when
      Http2FrameStreamExceptionreaches end ofChannelPipeline
      + Throwing a stackless exception if RST_FRAME rate is exceeded
      + Only enable the RST limit for servers by default
      + Change default value of MAX_MESSAGES_PER_READ for
      DatagramChannel implementations
      + Descriptive message for errors related to unknown http2
      streams
  - Modified patches:
    * 0001-Remove-optional-dep-Blockhound.patch
    * 0002-Remove-optional-dep-conscrypt.patch
    * 0003-Remove-optional-deps-jetty-alpn-and-npn.patch
    * 0004-Disable-Brotli-and-ZStd-compression.patch
    * 0005-Do-not-use-the-Graal-annotations.patch
    * 0006-Do-not-use-the-Jetbrains-annotations.patch
    * 0007-Do-not-require-the-tcnative-native-library.patch
      + rebase
* Wed Feb 21 2024 Gus Kenion <gus.kenion@suse.com>
  - Use %patch -P N instead of deprecated %patchN.
* Thu Oct 12 2023 Fridrich Strba <fstrba@suse.com>
  - Upgrade to upstream version 4.1.100
    * Fixes of 4.1.100:
      + DDoS vector in the HTTP/2 protocol due RST frames
      (bsc#1216169, CVE-2023-44487)
      + Do not fail when compressing empty HttpContent
    * Fixes of 4.1.99:
      + Do not try to delete a global handle with the local handles
      APIs
      + Enable build with JDK21
      + dyld: lazy symbol binding failed: Symbol not found:
      _netty_jni_util_JNI_OnLoad
    * Fixes of 4.1.98:
      + Revert "HttpHeaderValidationUtil should reject chars past the
      1 byte range"
      + Filter out unresolved addresses when parsing resolv.conf
      + Prevent classloader leak via JNI
      + SSLSession.getPeerCertificateChain() should throw
      UnsupportedOperationException if javax.security.cert
      .X509Certificate can not be created
      + Enable client side session cache when using native SSL by
      default
    * Fixes of 4.1.97:
      + Fixing AsciiString#lastIndexOf To Respect The offset
      + Add support for snappy http2 content decompression
      + Add support for password-based encryption scheme 2 params
      + HttpHeaderValidationUtil should reject chars past the 1 byte
      range
      + Honor SslHandler.setWrapDataSize greater than SSL packet
      length
      + Add support for snappy http content encoding
    * Fixes of 4.1.96:
      + Move the PoolThreadCache finalizer to a separate object
      + Fix kevent(..) failed: Invalid argument
      + Revert "Always increment Stream Id on createStream" to fix bug
      which caused sending multiple RST frames for the same id
    * Fixes of 4.1.95
      + Add resource leak listener
      + Reduce object allocations during SslHandler.flush(...)
      + Ensure ByteBuf.capacity(...) will never throw AssertionError
      + Make transport.Bootstrap usable with no netty-resolver on
      classpath
      + Correctly retain slice when calling
      ReplayingDecoderByteBuf.retainedSlice(...)
      + Always increment Stream Id on createStream(...)
      + Fix BrotliEncoder bug that does not mark ByteBuf it encodes a
      read
      + Enhance CertificateException message when throw due hostname
      validation
  - Rebased patches:
    * 0001-Remove-optional-dep-Blockhound.patch
    * 0002-Remove-optional-dep-conscrypt.patch
    * 0003-Remove-optional-deps-jetty-alpn-and-npn.patch
    * 0004-Disable-Brotli-and-ZStd-compression.patch
    * 0005-Do-not-use-the-Graal-annotations.patch
    * 0006-Do-not-use-the-Jetbrains-annotations.patch
    * 0007-Do-not-require-the-tcnative-native-library.patch
* Wed Sep 13 2023 Fridrich Strba <fstrba@suse.com>
  - Reproducible builds: use SOURCE_DATE_EPOCH for timestamp
* Fri Jun 23 2023 Fridrich Strba <fstrba@suse.com>
  - Upgrade to upstream version 4.1.94
    * Fixes of 4.1.94:
      + Respect offset in
      io.netty.util.NetUtil#toAddressString(byte[], int, boolean)
      + Skip finalization for PoolThreadCache instances without
      small/normal caches
      + Use network byte order when encoding ipv4 address and port
      for Socks codecs
      + Call ReleaseByteArrayElements even when handling of
      socket_path fails to fix small mem leak
      + Always enable leak tracking for derived buffers if parent is
      tracked
      + Release DnsRecords when failing to notify promise
      + Delay possibility to reuse transaction id when query is
      failing because of timeout or cancellation
      + Implement contains for SelectedSelectionKeySet
      + Use Two-Way for finding the delimiter in
      DelimiterBasedFrameDecoder
      + Obtain the local address from the fd when the client connects
      only with remote address (UDS)
      + Allow to limit the maximum lenght of the ClientHello
      (bsc#1212637, CVE-2023-34462)
    * Fixes of 4.1.93:
      + Reset byte buffer in loop for AbstractDiskHttpData.setContent
      + OpenSSL MAX_CERTIFICATE_LIST_BYTES option supported
      + Adapt to DirectByteBuffer constructor in Java 21
      + HTTP/2 encoder: allow HEADER_TABLE_SIZE greater than
      Integer.MAX_VALUE
      + Upgrade to latest netty-tcnative to fix memory leak
      + H2/H2C server stream channels deactivated while write still
      in progress
      + Channel#bytesBefore(un)writable off by 1
      + HTTP/2 should forward shutdown user events to active streams
      + Respect the number of bytes read per datagram when using
      recvmmsg
    * Fixes of 4.1.92:
      + Make Recycler faster on OpenJ9
      + Allow to change the limit for the maximum size of the
      certificate chain.
      + Guard against unbounded grow of suppressed exceptions storage
      + Release websocket handshake response if pipeline checks fail
      + Add support for local and remote addresses on the server for
      child channels when UDS
      + Http types slow path checks
    * Fixes of 4.1.91:
      + Fire a PrematureChannelClosureException when Channel is closed
      while aggregating is still in progress
      + Connect without password if server returns NO_AUTH when using
      Socks5
      + Use optional resolution of sun.net.dns
      + Introduce Http2MultiplexActiveStreamsException that can be
      used to propagate an error to all active streams
      + Use the correct error when reset a stream
      + Update: Add snappy support on HttpContentDecoder
      + Don't unwrap multiple records until we notified the caller
      about the finished handshake
      + Handle EHOSTUNREACH errors in io.netty.channel.unix.Errors
  - Depend on netty-tcnative >= 2.0.60 for SSLContext.setMaxCertList
    method.
  - Rebased patches:
    * 0001-Remove-optional-dep-Blockhound.patch
    * 0002-Remove-optional-dep-conscrypt.patch
    * 0003-Remove-optional-deps-jetty-alpn-and-npn.patch
    * 0004-Disable-Brotli-and-ZStd-compression.patch
    * 0005-Do-not-use-the-Graal-annotations.patch
    * 0006-Do-not-use-the-Jetbrains-annotations.patch
    * 0007-Do-not-require-the-tcnative-native-library.patch
* Thu Mar 30 2023 Fridrich Strba <fstrba@suse.com>
  - Upgrade to upstream version 4.1.90
    * Fixes of 4.1.90:
      + Adding header name of the header which failed validation
      + Fix HttpHeaders.names for non-String headers
      + Save expensive volatile operations in the common hot http
      decoder path
      + Avoid slow type checks against promises on outbound buffer's
      progress
      + Implement NonStickyEventExecutorGroup.inEventLoop
      + Native image: add support for unix domain sockets
      + Use MacOS SDK 10.9 to prevent apple notarization failures
      + Increase errno cache and guard against IOOBE
      + Don't reset BCSSLParameters when setting application protocols
      + WebSocketClientProtocolHandler: add option to disable UTF8
      validation
      + Chunked HTTP length decoding should account for
      whitespaces/ctrl chars
      + Handle NullPointerException thrown from
      NetworkInterface.getNetworkInterfaces()
    * Fixes of 4.1.89:
      + Don't fail on HttpObjectDecoder's maxHeaderSize greater then
      (Integer.MAX_VALUE - 2)
      + dyld: Symbol not found: _netty_jni_util_JNI_OnLoad when
      upgrading from 4.1.87.Final to 4.1.88.Final
    * Fixes of 4.1.88:
      + Speed-up HTTP 1.1 header and line parsing
      + Add StacklessSSLHandshakeException for ClosedChannelException
      + Modify changed CloseWebSocketFrame#statusCode() to change the
      fetch code to unsigned
      + Check if CommandLineTools are installed before trying to
      execute install_name_tool
      + Allow to adjust the GlobalEventExecutor quietPeriod via a
      system property
      + Add SslProvider.isOptionSupported(...)
      + Fix FlowControlHandler's behaviour to pass read events when
      auto-reading is turned off
      + Ensure Http2StreamFrameToHttpObjectCodec#decode doesn't add
      transfer-encoding for 204/304 response
      + Only do extra CNAME query if we couldnt follow the whole CNAME
      chain in the response
      + Include query id when a query failed
      + DnsResolveContext: include expected record types in exception
      message
      + Add necessary native-image configuration files for epoll
      + Create a deep-copy of the Throwable before returning it from
      the cache to prevent possible leaks
      + Always respect completeOncePreferredResolved in
      DnsNameResolver
      + fix brotli compression
      + Optionally depend on bctls-jdk15on
      + Make releasing objects back to Recycler faster
      + Correctly keep track of validExtensions per request / response
      + Add handling of inflight lookups to reduce real queries when
      lookup same hostname
      + DnsQueryContext: include query id and question info in
      exception message
      + AsciiStrings can be batch-encoded
    * Fixes of 4.1.87:
      + Upgrade to latest netty-tcnative release which doesnt link
      libcrypt
      + Add recvmmsg & sendmmsg syscall number for loongarch64
      + Return correct value from SSLSession.getPacketSize() when
      using native SSL implementation
      + Explicit disable TLSv1.3 in the OpenSSL options if not
      supported
      + Support handshake timeout in SniHandler.
      + Extend DNS address supplier interface to provide feedback
    * Fixes of 4.1.86:
      + HAProxyMessageDecoder Stack Exhaustion DoS (bsc#1206360,
      CVE-2022-41881)
      + HTTP Response splitting from assigning header value iterator
      (bsc#1206379, CVE-2022-41915)
      + Revert #12888 for potential task scheduling problems in
      HashedWheelTimer
      + Deprecate ObjectEncoder/ObjectDecoder
      + HPACK dynamic table size update must happen at the beginning
      of the header block
    * Fixes of 4.1.85:
      + A bug in FlowControlHandler that broke auto-read has been
      fixed
      + The HTTP/2 HPACK encoder is now faster at encoding headers
      that have many values
      + A potential memory leak bug has been fixed in the pooled
      allocator
      + Fix an issue with the Blockhound integration, which could
      cause the MacOSDnsServerAddressStreamProvider to be flagged
      as making blocking calls
      + Inconsitencies in how epoll, kqueue, and NIO handle RDHUP have
      been fixed
      + ByteToMessageDecoder now handle situations where the same
      ByteBuf instance is read multiple times
      + The check that ensures the HTTP/1 Content-Length header is
      unique, now no longer causes headers to be rearranged (change
      their order)
      + Fix a NullPointerException bug with class initialisation order
      between InternalLogger and InternalThreadLocalMap
      + When the netty-resolver-dns-native-macos classes can't load
      their native bindings, they now only print a short error
      message instead of the huge stack trace it printed previously.
      The stack trace is still included if DEBUG logging is enabled
      + The Graal native-image meta-data is now placed in the
      recommended location, and no longer causes warnings to be
      printed
      + The HTTP/1 and HTTP/2 codecs now properly support RFC 8297
      Early Hints
      + Subclasses of FastThreadLocalThread can now tell the Netty
      Blockhound integration that they should be allowed to make
      blocking calls
      + Validation of HTTP/2 connection headers have been moved from
      Http2Headers to HpackDecoder, so that outgoing headers are
      not validated
    * Fixes of 4.1.84:
      + HTTP/2 header values with invalid characters are now rejected
      in header validation
      + We now automatically generate conditional meta-data for
      native-image use, making GraalVM support more reliable
      + Fix a scalability issue caused by instanceof and check-cast
      checks that lead to false-sharing on the
      Klass::secondary_super_cache field in the JVM
      (See JDK-8180450)
      + Made the HTTP/2 HPACK static table implementation faster by
      using a perfect hash function
      + Fixed a bug in our PEMParser when PEM files have multiple
      objects, and BouncyCastle is on the classpath
    * Fixes of 4.1.82:
      + Fix a NullPointerException bug when calling forEachByte on
      nested CompositeByteBufs
      + Relax an overly strict HTTP/2 header validation check that was
      rejecting requests from Chrome and Firefox
      + The OpenSSL and BoringSSL implementations now respect the
      jdk.tls.client.protocols and jdk.tls.server.protocols system
      properties, making them react to these in the same way the JDK
      SSL provider does
    * Fixes of 4.1.81:
      + Fix a regression SslContext private key loading
      + Fix a bug in SslContext private key reading fall-back path
      + Fix a buffer leak regression in HttpClientCodec
      + Fix a bug where some HttpMessage implementations, that also
      implement HttpContent, were not handled correctly
      + The MessageFormatter and FormattingTuple classes are now
      usable in the public API
      + Connection related headers in HTTP/2 frames are now rejected,
      in compliance with the specification
    * Fixes of 4.1.80:
      + HttpObjectEncoder scalability issue due to instanceof checks
      + Improve logging when MacOSDnsServerAddressStreamProvider
      cannot be found/loaded
      + Replace stdlib write/read with send/recv
      + Support for pkcs1
      + Add Blockhound exceptions for the PooledByteBufAllocator
      + Fix epoll bug when receiving zero-sized datagrams
      + Avoid including header values in header validation failure
      exceptions
      + Avoid allocating large buffers in JdkZlibEncoder
      + Native Image Support: Set
      IS_EXPLICIT_TRY_REFLECTION_SET_ACCESSIBLE to true by default
      for native images
      + We need to use disconnectx(...) on macOS
      + Replace synchronized with Java Locks on the allocator
      + Don't use static instances of FixedRecvByteBufAllocator
      + Add escaping for stomp headers
    * Fixes of 4.1.79:
      + The PEM certificate parser is no longer susceptible to
      exponential back-off
      + Non-standard extra ampersands in HTTP POST bodies are no
      longer rejected
      + An io.netty.osClassifiers system property has been added to
      avoid reading os-release files
      + Fix a bug in SslHandler so handlerRemoved works properly even
      if handlerAdded throws an exception
      + Use the correct OSGi processor directive on aarch64, making it
      possible to use OSGi on ARM
      + HTTP paths that begin with a double-slash are now parsed the
      same way browsers do
      + The isCompleted flag is now correctly preserved on objects
      from HttpData.retainedDuplicate()
      + The HttpUtil.isOriginForm() and isAsteriskForm() methods now
      correctly conform with RFC 7230
      + Fix an issue that allowed the multicast methods on
      EpollDatagramChannel to be called outside of an event-loop
      thread
      + Support for the LoongArch64 processor architecture has been
      added
    * Fixes of 4.1.78:
      + Fix a bug where an OPT record was added to DNS queries that
      already had such a record
      + Fix a bug that caused an error when files uploaded with HTTP
      POST contained a backslash in their name
      + Fix an issue in the BlockHound integration that could
      occasionally cause NetUtil to be reported as performing
      blocking operations
      + A similar BlockHound issue was fixed for the JdkSslContext
      + Fix a bug that prevented preface or settings frames from
      being flushed, when an HTTP2 connection was established with
      prior-knowledge
      + Fixes a rare NullPointerException that could occur when a
      ReferenceCountedOpenSslEngine threw an OutOfMemoryError from
      its constructor, and was then later finalized
      + The SslHandler now adds the socket file descriptor to the
      BIOs, when the SslEngine supports this (boringssl and
      libressl), which allow tracing and observability tools to
      monitor encryption traffic on a per-connection basis.
      + It is now possible to explicitly step the scheduling clock in
      EmbeddedEventLoop, which is useful for making automated tests
      with deterministic scheduling
    * Fixes of 4.1.77:
      + Local Information Disclosure Vulnerability in Netty on
      Unix-Like systems due temporary files for Java 6 and lower in
      io.netty:netty-codec-http (bsc#1199338, CVE-2022-24823)
      + Upgraded the optional netty-tcnative dependency to version
      2.0.52.Final
      + Fix a bug where Netty fails to load a shaded native library
      + Include classifier in Automatic-Module-Name
      + Check if epoll_pwait2 is implemented
      + Don't call strdup on packagePrefix
      + Enable debugging of asynchronous tasks in Intellij
      + Throwing an exception in case glibc is missing instead of
      segfaulting the JVM
    * Fixes of 4.1.76:
      + Upgraded the optional netty-tcnative dependency to version
      2.0.51.Final
      + Upgraded the optional log4j dependency to version 2.17.2
      + The netty-all module now declare an automatic module name,
      making it useable with Java Modules.
      + It is now possible to configure arbitrary socket options for
      the native epoll and kqueue transports. Refer to your
      operating system documentation for what options are available.
      + It is now possible to explicitly bind channels to either IPv4
      or IPv6.
      + The HTTP/2 header validation that rejects duplicate
      pseudo-headers, which was added in 4.1.75.Final, has been
      changed so it no longer breaks older versions of gRPC.
      " Fix a NullPointerException that was hiding the real cause of
      certain HTTP/2 header decoding errors.
  - Modified patches:
    * 0001-Remove-optional-dep-Blockhound.patch
    * 0002-Remove-optional-dep-conscrypt.patch
    * 0003-Remove-optional-deps-jetty-alpn-and-npn.patch
    * no-brotli-zstd.patch
    - > 0004-Disable-Brotli-and-ZStd-compression.patch
    * no-werror.patch
      + rebase
  - Removed patches:
    * 0004-Remove-optional-dep-tcnative.patch
    * 0005-Remove-optional-dep-log4j.patch
      + we have the dependencies, so no need to disable them
    * 0006-revert-Fix-native-image-build.patch
    * 0007-Revert-Support-session-cache-for-client-and-server-w.patch
      + solve the build breakages differently
  - Added patches:
    * 0005-Do-not-use-the-Graal-annotations.patch
    * 0006-Do-not-use-the-Jetbrains-annotations.patch
      + do not use annotations for which we don't have dependencies
    * 0007-Do-not-require-the-tcnative-native-library.patch
      + our tcnative library is installed system-wide
* Thu Oct 13 2022 Fridrich Strba <fstrba@suse.com>
  - Force building with java 11 on ix86 in order to avoid random
    build failures
* Fri Apr 08 2022 Fridrich Strba <fstrba@suse.com>
  - Upgrade to latest upstream version 4.1.75
  - Modified patches:
    * 0001-Remove-optional-dep-Blockhound.patch
    * 0002-Remove-optional-dep-conscrypt.patch
    * 0003-Remove-optional-deps-jetty-alpn-and-npn.patch
    * 0004-Remove-optional-dep-tcnative.patch
    * 0005-Remove-optional-dep-log4j.patch
    * 0006-revert-Fix-native-image-build.patch
    * 0007-Revert-Support-session-cache-for-client-and-server-w.patch
      + rebase
* Tue Feb 22 2022 Fridrich Strba <fstrba@suse.com>
  - Do not build against the log4j12 packages
* Tue Dec 14 2021 Fridrich Strba <fstrba@suse.com>
  - Upgrade to latest upstream version 4.1.72
    * fixes: bsc#1190610, CVE-2021-37136: Bzip2Decoder doesn't allow
      setting size restrictions for decompressed data
    * fixes: bsc#1190613, CVE-2021-37137: SnappyFrameDecoder doesn't
      restrict chunk length any may buffer skippable chunks in an
      unnecessary way
    * fixes: bsc#1193672, CVE-2021-43797: possible HTTP request
      smuggling due to insufficient validation against control
      characters
    * fixes: bsc#1184203, CVE-2021-21409: request smuggling via
      content-length header
  - Modified patches:
    * 0001-Remove-optional-dep-Blockhound.patch
    * 0002-Remove-optional-dep-conscrypt.patch
    * 0003-Remove-optional-deps-jetty-alpn-and-npn.patch
    * 0004-Remove-optional-dep-tcnative.patch
    * 0005-Remove-optional-dep-log4j.patch
    * 0006-revert-Fix-native-image-build.patch
    * 0007-Revert-Support-session-cache-for-client-and-server-w.patch
    * no-werror.patch
      + rediff to changed context
  - Added patch:
    * no-brotli-zstd.patch
      + disable Brotli and Zstd compression, since we lack
      the dependencies needed to build them
* Fri Mar 12 2021 Fridrich Strba <fstrba@suse.com>
  - Upgrade to latest upstream version 4.1.60
    * fixes: bsc#1183262, CVE-2021-21295: HTTP/2 request
      Content-Length header field is not validated by
      'Http2MultiplexHandler'
  - Modified patches:
    * 0001-Remove-optional-dep-Blockhound.patch
    * 0002-Remove-optional-dep-conscrypt.patch
    * 0003-Remove-optional-deps-jetty-alpn-and-npn.patch
    * 0004-Remove-optional-dep-tcnative.patch
    * 0005-Remove-optional-dep-log4j.patch
    * 0006-revert-Fix-native-image-build.patch
      + rediff to changed context
  - Added patch:
    * 0007-Revert-Support-session-cache-for-client-and-server-w.patch
      + revert optional disabled cache implementation that conflicts
      with our 0004-Remove-optional-dep-tcnative.patch
* Thu Feb 11 2021 Fridrich Strba <fstrba@suse.com>
  - Upgrade to latest upstream version 4.1.59
  - Removed patches:
    * netty-CVE-2020-11612.patch
    * netty-CVE-2021-21290.patch
      + fixes integrated in the upstream sources
    * 0001-Remove-OpenSSL-parts-depending-on-tcnative.patch
    * 0002-Remove-NPN.patch
    * 0003-Remove-conscrypt-ALPN.patch
    * 0004-Remove-jetty-ALPN.patch
      + replaced by new patches
  - Added patches:
    * 0001-Remove-optional-dep-Blockhound.patch
    * 0002-Remove-optional-dep-conscrypt.patch
    * 0003-Remove-optional-deps-jetty-alpn-and-npn.patch
    * 0004-Remove-optional-dep-tcnative.patch
    * 0005-Remove-optional-dep-log4j.patch
      + remove various optional dependencies that we do not need
    * 0006-revert-Fix-native-image-build.patch
      + Revert changes that introduce a new dependency that we
      do not have
    * no-werror.patch
      + Do not treat warnings as errors
  - Build -poms and -javadoc as noarch packages, since they do not
    install anything in arch-dependent directories
* Thu Feb 11 2021 Fridrich Strba <fstrba@suse.com>
  - Added patch:
    * netty-CVE-2021-21290.patch
      + bsc#1182103, CVE-2021-21290

Files

/usr/lib64/java/netty
/usr/lib64/java/netty/netty-resolver-dns-classes-macos.jar
/usr/lib64/java/netty/netty-transport-classes-epoll.jar
/usr/lib64/java/netty/netty-transport-classes-kqueue.jar
/usr/lib64/java/netty/netty-transport-native-epoll-linux-x86_64.jar
/usr/lib64/java/netty/netty-transport-native-unix-common-linux-x86_64.jar
/usr/lib64/java/netty/netty-transport-native-unix-common.jar
/usr/share/java/netty
/usr/share/java/netty/netty-all.jar
/usr/share/java/netty/netty-buffer.jar
/usr/share/java/netty/netty-codec-dns.jar
/usr/share/java/netty/netty-codec-haproxy.jar
/usr/share/java/netty/netty-codec-http.jar
/usr/share/java/netty/netty-codec-http2.jar
/usr/share/java/netty/netty-codec-memcache.jar
/usr/share/java/netty/netty-codec-mqtt.jar
/usr/share/java/netty/netty-codec-redis.jar
/usr/share/java/netty/netty-codec-smtp.jar
/usr/share/java/netty/netty-codec-socks.jar
/usr/share/java/netty/netty-codec-stomp.jar
/usr/share/java/netty/netty-codec-xml.jar
/usr/share/java/netty/netty-codec.jar
/usr/share/java/netty/netty-common.jar
/usr/share/java/netty/netty-dev-tools.jar
/usr/share/java/netty/netty-handler-proxy.jar
/usr/share/java/netty/netty-handler-ssl-ocsp.jar
/usr/share/java/netty/netty-handler.jar
/usr/share/java/netty/netty-resolver-dns.jar
/usr/share/java/netty/netty-resolver.jar
/usr/share/java/netty/netty-transport-native-epoll.jar
/usr/share/java/netty/netty-transport-native-kqueue.jar
/usr/share/java/netty/netty-transport-sctp.jar
/usr/share/java/netty/netty-transport.jar
/usr/share/licenses/netty
/usr/share/licenses/netty/LICENSE.txt
/usr/share/licenses/netty/NOTICE.txt
/usr/share/maven-metadata/netty.xml
/usr/share/maven-poms/netty
/usr/share/maven-poms/netty/netty-all.pom
/usr/share/maven-poms/netty/netty-buffer.pom
/usr/share/maven-poms/netty/netty-codec-dns.pom
/usr/share/maven-poms/netty/netty-codec-haproxy.pom
/usr/share/maven-poms/netty/netty-codec-http.pom
/usr/share/maven-poms/netty/netty-codec-http2.pom
/usr/share/maven-poms/netty/netty-codec-memcache.pom
/usr/share/maven-poms/netty/netty-codec-mqtt.pom
/usr/share/maven-poms/netty/netty-codec-redis.pom
/usr/share/maven-poms/netty/netty-codec-smtp.pom
/usr/share/maven-poms/netty/netty-codec-socks.pom
/usr/share/maven-poms/netty/netty-codec-stomp.pom
/usr/share/maven-poms/netty/netty-codec-xml.pom
/usr/share/maven-poms/netty/netty-codec.pom
/usr/share/maven-poms/netty/netty-common.pom
/usr/share/maven-poms/netty/netty-dev-tools.pom
/usr/share/maven-poms/netty/netty-handler-proxy.pom
/usr/share/maven-poms/netty/netty-handler-ssl-ocsp.pom
/usr/share/maven-poms/netty/netty-handler.pom
/usr/share/maven-poms/netty/netty-resolver-dns-classes-macos.pom
/usr/share/maven-poms/netty/netty-resolver-dns.pom
/usr/share/maven-poms/netty/netty-resolver.pom
/usr/share/maven-poms/netty/netty-transport-classes-epoll.pom
/usr/share/maven-poms/netty/netty-transport-classes-kqueue.pom
/usr/share/maven-poms/netty/netty-transport-native-epoll.pom
/usr/share/maven-poms/netty/netty-transport-native-kqueue.pom
/usr/share/maven-poms/netty/netty-transport-native-unix-common.pom
/usr/share/maven-poms/netty/netty-transport-sctp.pom
/usr/share/maven-poms/netty/netty-transport.pom


Generated by rpm2html 1.8.1

Fabrice Bellet, Fri Dec 27 23:35:20 2024