netty-3.9 (3.9.9.Final-1+deb9u1build0.18.04.1) bionic-security; urgency=medium

  * fake sync from Debian

 -- Paulo Flabiano Smorigo <pfsmorigo@canonical.com>  Mon, 14 Sep 2020 17:52:12 +0000

netty-3.9 (3.9.9.Final-1+deb9u1) stretch-security; urgency=high

  * Non-maintainer upload by the LTS Team.
  * Correctly handle whitespaces in HTTP header names as defined by
    RFC7230#section-3.2.4 (CVE-2019-16869) (Closes: #941266)
  * Detect missing colon when parsing http headers with no value
    (CVE-2019-20444) (Closes: #950966)
  * Correctly handle Content-Length header that is accompanied by a second
    Content-Length header, or by a Transfer-Encoding header, by removing the
    extra Content-Length header. (CVE-2019-20445) (Closes: #950967)

 -- Roberto C. Sanchez <roberto@debian.org>  Mon, 24 Aug 2020 17:51:50 -0400

netty-3.9 (3.9.9.Final-1) unstable; urgency=medium

  * Team upload.
  * New upstream release (Closes: #793770)
    - Refreshed the patches
    - New dependencies on libjboss-logging-java, libbcpkix-java
      and libnetty-tcnative-java
    - Disabled NPN support (obsolete and missing dependencies)
  * Switch to debhelper level 10
  * Modified the watch file to track the 3.9.x releases from Git

 -- Emmanuel Bourg <ebourg@apache.org>  Tue, 10 Jan 2017 00:01:59 +0100

netty-3.9 (3.9.0.Final-2) unstable; urgency=medium

  * Team upload.
  * Transition to the Servlet API 3.1 (Closes: #801024)
  * Fixed the build failure caused by the fix for #766392
    in maven-debian-helper 2.0.3 (Closes: #813642)
  * Added the missing Vcs-* fields
  * Standards-Version updated to 3.9.8 (no changes)
  * Let maven-debian-helper compute the package dependencies

 -- Emmanuel Bourg <ebourg@apache.org>  Mon, 20 Jun 2016 19:47:29 +0200

netty-3.9 (3.9.0.Final-1) unstable; urgency=medium

  * Initial release (Closes: #736645)

 -- Hilko Bengen <bengen@debian.org>  Sun, 08 Jun 2014 18:55:20 +0200
