[Jython-checkins] jython: Update netty JARs to 4.1.45 (issue #2828 and CVE-2019-16869)
jeff.allen
jython-checkins at python.org
Sun Jan 26 15:59:25 EST 2020
https://hg.python.org/jython/rev/ccd1215b3d0e
changeset: 8322:ccd1215b3d0e
user: Jeff Allen <ja.py at farowl.co.uk>
date: Sun Jan 26 18:32:58 2020 +0000
summary:
Update netty JARs to 4.1.45 (issue #2828 and CVE-2019-16869)
files:
NEWS | 1 +
build.gradle | 12 ++--
build.xml | 24 +++++-----
extlibs/netty-buffer-4.1.24.Final.jar | Bin
extlibs/netty-buffer-4.1.45.Final.jar | Bin
extlibs/netty-codec-4.1.24.Final.jar | Bin
extlibs/netty-codec-4.1.45.Final.jar | Bin
extlibs/netty-common-4.1.24.Final.jar | Bin
extlibs/netty-common-4.1.45.Final.jar | Bin
extlibs/netty-handler-4.1.24.Final.jar | Bin
extlibs/netty-handler-4.1.45.Final.jar | Bin
extlibs/netty-resolver-4.1.24.Final.jar | Bin
extlibs/netty-resolver-4.1.45.Final.jar | Bin
extlibs/netty-transport-4.1.24.Final.jar | Bin
extlibs/netty-transport-4.1.45.Final.jar | Bin
15 files changed, 19 insertions(+), 18 deletions(-)
diff --git a/NEWS b/NEWS
--- a/NEWS
+++ b/NEWS
@@ -8,6 +8,7 @@
Jython 2.7.2b3
Bugs fixed
+ - [ 2828 ] Update netty JARs to 4.1.45
- [ 2044 ] CVE-2013-2027 Current umask sets privileges of class files and cache
- [ 2834 ] Import of Java classes is not thread safe
- [ 2820 ] Import fails with UnicodeDecodeError if sys.path contains invalid UTF-8 bytes
diff --git a/build.gradle b/build.gradle
--- a/build.gradle
+++ b/build.gradle
@@ -182,12 +182,12 @@
implementation 'jline:jline:2.14.5'
- implementation 'io.netty:netty-buffer:4.1.24.Final'
- implementation 'io.netty:netty-codec:4.1.24.Final'
- implementation 'io.netty:netty-common:4.1.24.Final'
- implementation 'io.netty:netty-handler:4.1.24.Final'
- implementation 'io.netty:netty-resolver:4.1.24.Final'
- implementation 'io.netty:netty-transport:4.1.24.Final'
+ implementation 'io.netty:netty-buffer:4.1.45.Final'
+ implementation 'io.netty:netty-codec:4.1.45.Final'
+ implementation 'io.netty:netty-common:4.1.45.Final'
+ implementation 'io.netty:netty-handler:4.1.45.Final'
+ implementation 'io.netty:netty-resolver:4.1.45.Final'
+ implementation 'io.netty:netty-transport:4.1.45.Final'
// Used implicitly in the Ant build, must be explicit here
implementation 'org.apache.ant:ant:1.9.7'
diff --git a/build.xml b/build.xml
--- a/build.xml
+++ b/build.xml
@@ -260,12 +260,12 @@
<file name="jnr-posix-3.0.50.jar"/>
<file name="jnr-constants-0.9.12.jar"/>
<file name="jline-2.14.5.jar"/>
- <file name="netty-buffer-4.1.24.Final.jar"/>
- <file name="netty-codec-4.1.24.Final.jar"/>
- <file name="netty-common-4.1.24.Final.jar"/>
- <file name="netty-handler-4.1.24.Final.jar"/>
- <file name="netty-resolver-4.1.24.Final.jar"/>
- <file name="netty-transport-4.1.24.Final.jar"/>
+ <file name="netty-buffer-4.1.45.Final.jar"/>
+ <file name="netty-codec-4.1.45.Final.jar"/>
+ <file name="netty-common-4.1.45.Final.jar"/>
+ <file name="netty-handler-4.1.45.Final.jar"/>
+ <file name="netty-resolver-4.1.45.Final.jar"/>
+ <file name="netty-transport-4.1.45.Final.jar"/>
</filelist>
</path>
@@ -843,17 +843,17 @@
<rule pattern="com.google.**" result="org.python.google. at 1"/>
<zipfileset src="extlibs/icu4j-59_1.jar"/>
<rule pattern="com.ibm.icu.**" result="org.python.icu. at 1"/>
- <zipfileset src="extlibs/netty-buffer-4.1.24.Final.jar" excludes="META-INF/**"/>
+ <zipfileset src="extlibs/netty-buffer-4.1.45.Final.jar" excludes="META-INF/**"/>
<rule pattern="io.netty.**" result="org.python.netty. at 1"/>
- <zipfileset src="extlibs/netty-codec-4.1.24.Final.jar" excludes="META-INF/**"/>
+ <zipfileset src="extlibs/netty-codec-4.1.45.Final.jar" excludes="META-INF/**"/>
<rule pattern="io.netty.**" result="org.python.netty. at 1"/>
- <zipfileset src="extlibs/netty-common-4.1.24.Final.jar" excludes="META-INF/**"/>
+ <zipfileset src="extlibs/netty-common-4.1.45.Final.jar" excludes="META-INF/**"/>
<rule pattern="io.netty.**" result="org.python.netty. at 1"/>
- <zipfileset src="extlibs/netty-handler-4.1.24.Final.jar" excludes="META-INF/**"/>
+ <zipfileset src="extlibs/netty-handler-4.1.45.Final.jar" excludes="META-INF/**"/>
<rule pattern="io.netty.**" result="org.python.netty. at 1"/>
- <zipfileset src="extlibs/netty-resolver-4.1.24.Final.jar" excludes="META-INF/**"/>
+ <zipfileset src="extlibs/netty-resolver-4.1.45.Final.jar" excludes="META-INF/**"/>
<rule pattern="io.netty.**" result="org.python.netty. at 1"/>
- <zipfileset src="extlibs/netty-transport-4.1.24.Final.jar" excludes="META-INF/**"/>
+ <zipfileset src="extlibs/netty-transport-4.1.45.Final.jar" excludes="META-INF/**"/>
<rule pattern="io.netty.**" result="org.python.netty. at 1"/>
<zipfileset src="${extlibs.dir}/java-sizeof-0.0.5.jar"/>
<rule pattern="com.carrotsearch.sizeof.**" result="org.python.sizeof. at 1"/>
diff --git a/extlibs/netty-buffer-4.1.24.Final.jar b/extlibs/netty-buffer-4.1.24.Final.jar
deleted file mode 100644
index c309e99ca606f1cccbd5ab11dcd0f898b14a7857..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391
GIT binary patch
[stripped]
diff --git a/extlibs/netty-buffer-4.1.45.Final.jar b/extlibs/netty-buffer-4.1.45.Final.jar
new file mode 100644
index e69de29bb2d1d6434b8b29ae775ad8c2e48c5391..45d9ff28a5bc57fd59ff95981de506dbd41a1580
GIT binary patch
[stripped]
diff --git a/extlibs/netty-codec-4.1.24.Final.jar b/extlibs/netty-codec-4.1.24.Final.jar
deleted file mode 100644
index 6ca8e3da4601f3efe2d42686d7fca85bd9e73032..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391
GIT binary patch
[stripped]
diff --git a/extlibs/netty-codec-4.1.45.Final.jar b/extlibs/netty-codec-4.1.45.Final.jar
new file mode 100644
index e69de29bb2d1d6434b8b29ae775ad8c2e48c5391..e8378e7667755c582de8927a91202967f2e5a79f
GIT binary patch
[stripped]
diff --git a/extlibs/netty-common-4.1.24.Final.jar b/extlibs/netty-common-4.1.24.Final.jar
deleted file mode 100644
index a5f89c8bf5b5bdac7396a610c480f379c3462049..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391
GIT binary patch
[stripped]
diff --git a/extlibs/netty-common-4.1.45.Final.jar b/extlibs/netty-common-4.1.45.Final.jar
new file mode 100644
index e69de29bb2d1d6434b8b29ae775ad8c2e48c5391..038f1f72c45a2bf2bcad46a288a6d93c814a58b4
GIT binary patch
[stripped]
diff --git a/extlibs/netty-handler-4.1.24.Final.jar b/extlibs/netty-handler-4.1.24.Final.jar
deleted file mode 100644
index e3e90ce2e140d02af44e3f1a8823ab1cb91bcfd2..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391
GIT binary patch
[stripped]
diff --git a/extlibs/netty-handler-4.1.45.Final.jar b/extlibs/netty-handler-4.1.45.Final.jar
new file mode 100644
index e69de29bb2d1d6434b8b29ae775ad8c2e48c5391..ef3d012e7c17dbd59361631554246878cfa592e9
GIT binary patch
[stripped]
diff --git a/extlibs/netty-resolver-4.1.24.Final.jar b/extlibs/netty-resolver-4.1.24.Final.jar
deleted file mode 100644
index fcbab834e3147319b489403e82aac7d0e8c0960f..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391
GIT binary patch
[stripped]
diff --git a/extlibs/netty-resolver-4.1.45.Final.jar b/extlibs/netty-resolver-4.1.45.Final.jar
new file mode 100644
index e69de29bb2d1d6434b8b29ae775ad8c2e48c5391..defcf0483208a89c6932d19cbf46cd4a3d2cda08
GIT binary patch
[stripped]
diff --git a/extlibs/netty-transport-4.1.24.Final.jar b/extlibs/netty-transport-4.1.24.Final.jar
deleted file mode 100644
index 63ad9edfc2052b1c41533b46d121e927c6f1e39f..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391
GIT binary patch
[stripped]
diff --git a/extlibs/netty-transport-4.1.45.Final.jar b/extlibs/netty-transport-4.1.45.Final.jar
new file mode 100644
index e69de29bb2d1d6434b8b29ae775ad8c2e48c5391..2a16b1cedf59c4f87a2af1a230c85305d3ade766
GIT binary patch
[stripped]
--
Repository URL: https://hg.python.org/jython
More information about the Jython-checkins
mailing list