Mageia 2021-0136: netty security update
Summary
When netty's multipart decoders are used local information disclosure can occur
via the local system temporary directory if temporary storing uploads on the
disk is enabled (CVE-2021-21290).
References
- https://bugs.mageia.org/show_bug.cgi?id=28446
- https://github.com/netty/netty/security/advisories/GHSA-5mcr-gq6c-3hq2
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21290
Resolution
MGASA-2021-0136 - Updated netty packages fix a security vulnerability
SRPMS
- 8/core/netty-4.1.51-1.1.mga8