[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2025:03114-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-06T02:55:33.997Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":20,"duplicates":21,"related":22,"reserved_at":9,"published_at":26,"modified_at":27,"state":9,"summary":28,"references_raw":30,"kevs":64,"epss":9,"epss_history":65,"metrics":66,"affected":67},"SUSE-SU-2025:03114-1","Security update for netty, netty-tcnative\n\nThis update for netty, netty-tcnative fixes the following issues:\n\nUpgrade to upstream version 4.1.126.\n    \nSecurity issues fixed:\n    \n- CVE-2025-58057: decompression codecs allocating a large number of buffers after processing specially crafted input can\n  cause a denial of service (bsc#1249134).\n- CVE-2025-58056: incorrect parsing of chunk extensions can lead to request smuggling (bsc#1249116).\n- CVE-2025-55163: 'MadeYouReset' denial of service attack in the HTTP/2 protocol (bsc#1247991).\n    \nOther issues fixed:\n\n- Fixes from version 4.1.126\n  * Fix IllegalReferenceCountException on invalid upgrade response.\n  * Drop unknown frame on missing stream.\n  * Don't try to handle incomplete upgrade request.\n  * Update to netty-tcnative 2.0.73Final.\n    \n- Fixes from version 4.1.124\n  * Fix NPE and AssertionErrors when many tasks are scheduled and cancelled.\n  * HTTP2: Http2ConnectionHandler should always use Http2ConnectionEncoder.\n  * Epoll: Correctly handle UDP packets with source port of 0.\n  * Fix netty-common OSGi Import-Package header.\n  * MqttConnectPayload.toString() includes password.\n\n- Fixes from version 4.1.123\n  * Fix chunk reuse bug in adaptive allocator.\n  * More accurate adaptive memory usage accounting.\n  * Introduce size-classes for the adaptive allocator.\n  * Reduce magazine proliferation eagerness.\n  * Fix concurrent ByteBuffer access issue in AdaptiveByteBuf.getBytes.\n  * Fix 
possible buffer corruption caused by incorrect setCharSequence(...) implementation.\n  * AdaptiveByteBuf: Fix AdaptiveByteBuf.maxFastWritableBytes() to take writerIndex() into account.\n  * Optimize capacity bumping for adaptive ByteBufs.\n  * AbstractDnsRecord: equals() and hashCode() to ignore name field's case.\n  * Backport Unsafe guards.\n  * Guard recomputed offset access with hasUnsafe.\n  * HTTP2: Always produce a RST frame on stream exception.\n  * Correct what artifacts included in netty-bom.\n\n- Fixes from version 4.1.122\n  * DirContextUtils.addNameServer(...) should just catch Exception internally.\n  * Make public API specify explicit maxAllocation to prevent OOM.\n  * Fix concurrent ByteBuf write access bug in adaptive allocator.\n  * Fix transport-native-kqueue Bundle-SymbolicNames.\n  * Fix resolver-dns-native-macos Bundle-SymbolicNames.\n  * Always correctly calculate the memory address of the ByteBuf even if sun.misc.Unsafe is not usable.\n  * Upgrade lz4 dependencies as the old version did not correctly handle ByteBuffer that have an arrayOffset > 0.\n  * Optimize ByteBuf.setCharSequence for adaptive allocator.\n  * Kqueue: Fix registration failure when fd is reused.\n  * Make JdkZlibEncoder accept Deflater.DEFAULT_COMPRESSION as level.\n  * Ensure OpenSsl.availableJavaCipherSuites does not contain null values.\n  * Always prefer direct buffers for pooled allocators if not explicit disabled.\n  * Update to netty-tcnative 2.0.72.Final.\n  * Re-enable sun.misc.Unsafe by default on Java 24+.\n  * Kqueue: Delay removal from registration map to fix noisy warnings.\n\n- Fixes from version 4.1.121\n  * Epoll.isAvailable() returns false on Ubuntu 20.04/22.04 arch amd64.\n  * Fix transport-native-epoll Bundle-SymbolicNames.\n\n- Fixes from version 4.1.120\n  * Fix flawed termination condition check in HttpPostRequestEncoder#encodeNextChunkUrlEncoded(int) for current\n    InterfaceHttpData.\n  * Exposed decoderEnforceMaxConsecutiveEmptyDataFrames and 
decoderEnforceMaxRstFramesPerWindow.\n  * ThreadExecutorMap must restore old EventExecutor.\n  * Make Recycler virtual thread friendly.\n  * Disable sun.misc.Unsafe by default on Java 24+.\n  * Adaptive: Correctly enforce leak detection when using AdaptiveByteBufAllocator.\n  * Add suppressed exception to original cause when calling Future.sync*.\n  * Add SETTINGS_ENABLE_CONNECT_PROTOCOL to the default HTTP/2 settings.\n  * Correct computation for suboptimal chunk retirement probability.\n  * Fix bug in method AdaptivePoolingAllocator.allocateWithoutLock(...).\n  * Fix a Bytebuf leak in TcpDnsQueryDecoder.\n  * SSL: Clear native error if named group is not supported.\n  * WebSocketClientCompressionHandler shouldn't claim window bits support when jzlib is not available.\n  * Fix the assignment error of maxQoS parameter in ConnAck Properties.\n\n- Fixes from version 4.1.119\n  * Replace SSL assertion with explicit record length check.\n  * Fix NPE when upgrade message fails to aggregate.\n  * SslHandler: Fix possible NPE when executor is used for delegating.\n  * Consistently add channel info in HTTP/2 logs.\n  * Add QueryStringDecoder option to leave '+' alone.\n  * Use initialized BouncyCastle providers when available.\n\n- Fix pom.xml errors that will be fatal with Maven 
4\n",null,[],[],[],[14,16,18],{"_key":15},"CVE-2025-55163",{"_key":17},"CVE-2025-58056",{"_key":19},"CVE-2025-58057",[],[],[23,24,25],{"_key":15},{"_key":17},{"_key":19},"2025-09-09T10:35:14Z","2026-02-04T04:13:54.400269Z",{"cisa_kev":29,"cisa_ransomware":29,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[31,38,43,47,51,56,60],{"url":32,"sources":33,"tags":36},"https://www.suse.com/support/update/announcement/2025/suse-su-202503114-1/",[34,35],"osv_suse","osv_opensuse",[37],"Advisory",{"url":39,"sources":40,"tags":41},"https://bugzilla.suse.com/1247991",[34,35],[42],"REPORT",{"url":44,"sources":45,"tags":46},"https://bugzilla.suse.com/1249116",[34,35],[42],{"url":48,"sources":49,"tags":50},"https://bugzilla.suse.com/1249134",[34,35],[42],{"url":52,"sources":53,"tags":54},"https://www.suse.com/security/cve/CVE-2025-55163",[34,35],[55],"WEB",{"url":57,"sources":58,"tags":59},"https://www.suse.com/security/cve/CVE-2025-58056",[34,35],[55],{"url":61,"sources":62,"tags":63},"https://www.suse.com/security/cve/CVE-2025-58057",[34,35],[55],[],[],[],[68,81,88,94,98,102,106,110,114,118,122,126,130,134,138,142,146,150],{"ecosystem":69,"name":70,"vendor":71,"product":72,"cpe_part":9,"purl_type":73,"purl_namespace":71,"purl_name":72,"source":9,"versions":74},"openSUSE","netty-tcnative","opensuse","netty-tcnative&distro=openSUSE Leap 15.6","rpm",[75],{"version":76,"is_range":77,"range_type":78,"version_start":9,"version_start_type":9,"version_end":79,"version_end_type":80,"fixed_in":9},"lt2_0_73_150200_3_30_1",true,"ecosystem","2.0.73-150200.3.30.1","excluding",{"ecosystem":69,"name":82,"vendor":71,"product":83,"cpe_part":9,"purl_type":73,"purl_namespace":71,"purl_name":83,"source":9,"versions":84},"netty","netty&distro=openSUSE Leap 
15.6",[85],{"version":86,"is_range":77,"range_type":78,"version_start":9,"version_start_type":9,"version_end":87,"version_end_type":80,"fixed_in":9},"lt4_1_126_150200_4_34_1","4.1.126-150200.4.34.1",{"ecosystem":89,"name":70,"vendor":90,"product":91,"cpe_part":9,"purl_type":73,"purl_namespace":90,"purl_name":91,"source":9,"versions":92},"SUSE Linux Enterprise","suse","netty-tcnative&distro=SUSE Enterprise Storage 7.1",[93],{"version":76,"is_range":77,"range_type":78,"version_start":9,"version_start_type":9,"version_end":79,"version_end_type":80,"fixed_in":9},{"ecosystem":89,"name":70,"vendor":90,"product":95,"cpe_part":9,"purl_type":73,"purl_namespace":90,"purl_name":95,"source":9,"versions":96},"netty-tcnative&distro=SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",[97],{"version":76,"is_range":77,"range_type":78,"version_start":9,"version_start_type":9,"version_end":79,"version_end_type":80,"fixed_in":9},{"ecosystem":89,"name":70,"vendor":90,"product":99,"cpe_part":9,"purl_type":73,"purl_namespace":90,"purl_name":99,"source":9,"versions":100},"netty-tcnative&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",[101],{"version":76,"is_range":77,"range_type":78,"version_start":9,"version_start_type":9,"version_end":79,"version_end_type":80,"fixed_in":9},{"ecosystem":89,"name":70,"vendor":90,"product":103,"cpe_part":9,"purl_type":73,"purl_namespace":90,"purl_name":103,"source":9,"versions":104},"netty-tcnative&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",[105],{"version":76,"is_range":77,"range_type":78,"version_start":9,"version_start_type":9,"version_end":79,"version_end_type":80,"fixed_in":9},{"ecosystem":89,"name":70,"vendor":90,"product":107,"cpe_part":9,"purl_type":73,"purl_namespace":90,"purl_name":107,"source":9,"versions":108},"netty-tcnative&distro=SUSE Linux Enterprise High Performance Computing 15 
SP5-ESPOS",[109],{"version":76,"is_range":77,"range_type":78,"version_start":9,"version_start_type":9,"version_end":79,"version_end_type":80,"fixed_in":9},{"ecosystem":89,"name":70,"vendor":90,"product":111,"cpe_part":9,"purl_type":73,"purl_namespace":90,"purl_name":111,"source":9,"versions":112},"netty-tcnative&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",[113],{"version":76,"is_range":77,"range_type":78,"version_start":9,"version_start_type":9,"version_end":79,"version_end_type":80,"fixed_in":9},{"ecosystem":89,"name":70,"vendor":90,"product":115,"cpe_part":9,"purl_type":73,"purl_namespace":90,"purl_name":115,"source":9,"versions":116},"netty-tcnative&distro=SUSE Linux Enterprise Module for Development Tools 15 SP6",[117],{"version":76,"is_range":77,"range_type":78,"version_start":9,"version_start_type":9,"version_end":79,"version_end_type":80,"fixed_in":9},{"ecosystem":89,"name":70,"vendor":90,"product":119,"cpe_part":9,"purl_type":73,"purl_namespace":90,"purl_name":119,"source":9,"versions":120},"netty-tcnative&distro=SUSE Linux Enterprise Module for Development Tools 15 SP7",[121],{"version":76,"is_range":77,"range_type":78,"version_start":9,"version_start_type":9,"version_end":79,"version_end_type":80,"fixed_in":9},{"ecosystem":89,"name":70,"vendor":90,"product":123,"cpe_part":9,"purl_type":73,"purl_namespace":90,"purl_name":123,"source":9,"versions":124},"netty-tcnative&distro=SUSE Linux Enterprise Server 15 SP3-LTSS",[125],{"version":76,"is_range":77,"range_type":78,"version_start":9,"version_start_type":9,"version_end":79,"version_end_type":80,"fixed_in":9},{"ecosystem":89,"name":70,"vendor":90,"product":127,"cpe_part":9,"purl_type":73,"purl_namespace":90,"purl_name":127,"source":9,"versions":128},"netty-tcnative&distro=SUSE Linux Enterprise Server 15 
SP4-LTSS",[129],{"version":76,"is_range":77,"range_type":78,"version_start":9,"version_start_type":9,"version_end":79,"version_end_type":80,"fixed_in":9},{"ecosystem":89,"name":70,"vendor":90,"product":131,"cpe_part":9,"purl_type":73,"purl_namespace":90,"purl_name":131,"source":9,"versions":132},"netty-tcnative&distro=SUSE Linux Enterprise Server 15 SP5-LTSS",[133],{"version":76,"is_range":77,"range_type":78,"version_start":9,"version_start_type":9,"version_end":79,"version_end_type":80,"fixed_in":9},{"ecosystem":89,"name":70,"vendor":90,"product":135,"cpe_part":9,"purl_type":73,"purl_namespace":90,"purl_name":135,"source":9,"versions":136},"netty-tcnative&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP3",[137],{"version":76,"is_range":77,"range_type":78,"version_start":9,"version_start_type":9,"version_end":79,"version_end_type":80,"fixed_in":9},{"ecosystem":89,"name":70,"vendor":90,"product":139,"cpe_part":9,"purl_type":73,"purl_namespace":90,"purl_name":139,"source":9,"versions":140},"netty-tcnative&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP4",[141],{"version":76,"is_range":77,"range_type":78,"version_start":9,"version_start_type":9,"version_end":79,"version_end_type":80,"fixed_in":9},{"ecosystem":89,"name":70,"vendor":90,"product":143,"cpe_part":9,"purl_type":73,"purl_namespace":90,"purl_name":143,"source":9,"versions":144},"netty-tcnative&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP5",[145],{"version":76,"is_range":77,"range_type":78,"version_start":9,"version_start_type":9,"version_end":79,"version_end_type":80,"fixed_in":9},{"ecosystem":89,"name":82,"vendor":90,"product":147,"cpe_part":9,"purl_type":73,"purl_namespace":90,"purl_name":147,"source":9,"versions":148},"netty&distro=SUSE Linux Enterprise Module for Package Hub 15 
SP6",[149],{"version":86,"is_range":77,"range_type":78,"version_start":9,"version_start_type":9,"version_end":87,"version_end_type":80,"fixed_in":9},{"ecosystem":89,"name":82,"vendor":90,"product":151,"cpe_part":9,"purl_type":73,"purl_namespace":90,"purl_name":151,"source":9,"versions":152},"netty&distro=SUSE Linux Enterprise Module for Package Hub 15 SP7",[153],{"version":86,"is_range":77,"range_type":78,"version_start":9,"version_start_type":9,"version_end":87,"version_end_type":80,"fixed_in":9}]