| Package | netty |
|---|---|
| Version | 3.2.6.Final-2+deb7u1 |
| Related CVEs | CVE-2019-16869 |
Netty mishandled whitespace before the colon in HTTP headers (such as a “Transfer-Encoding : chunked” line), which lead to HTTP request smuggling.
For Debian 7 Wheezy, these problems have been fixed in version 3.2.6.Final-2+deb7u1.
We recommend that you upgrade your netty packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.