netty (1:4.1.48-10) [PTS] [DDPO]

OK: VCS matches the version in the archive

Git: https://salsa.debian.org/java-team/netty.git
JSON
Enter a full Vcs-* header, supported schemes are: Vcs-Bzr, Vcs-Cvs, Vcs-Darcs, Vcs-Git, Vcs-Hg, Vcs-Mtn, Vcs-Svn.
For Vcs-Git append -b branch to select the branch name; append [subdir] if the debian/ directory is not in the repository root.
The next upload will reset the information from the source package headers.
Branch: master
Path: debian/changelog
Repo size: 1585152
Browser: https://salsa.debian.org/java-team/netty
Last scan: 2024-11-17 16:58:08+00
Next scan: 2024-11-23 18:37:00+00

Debian changelog in Git:

netty (1:4.1.48-10) unstable; urgency=high

  * Team upload.
  * Fix CVE-2024-29025:
    Julien Viet discovered that Netty, a Java NIO client/server socket
    framework, was vulnerable to allocation of resources without limits or
    throttling due to the accumulation of data in the HttpPostRequestDecoder.
    This would allow an attacker to cause a denial of service.
    Thanks to Salvatore Bonaccorso for the report. (Closes: #1068110)

 -- Markus Koschany <apo@debian.org>  Sun, 12 May 2024 21:20:10 +0200

This branch is even with tag debian/1%4.1.48-10