We are happy to announce the release of netty 4.1.77.Final. This release is a bug-fix release, which also contains a fix for a CVE which only affects users running Java 6. Beside this it also fixes a bug which can cause the native epoll transport to be unusable on systems that not implement epoll_pwait2 (like ubuntu 22.04. The most important changes are:

• Local Information Disclosure Vulnerability in Netty on Unix-Like systems due temporary files for Java 6 and lower in io.netty:netty-codec-http (CVE-2022-24823)
• Upgraded the optional netty-tcnative dependency to version 2.0.52.Final (#12162)
• Fix a bug where Netty fails to load a shaded native library (#12358)
• Include classifier in Automatic-Module-Name (#12354)
• Check if epoll_pwait2 is implemented (#12345)
• Don't call strdup on packagePrefix (#12322)
• Enable debugging of asynchronous tasks in Intellij (#12319)
• Throwing an exception in case glibc is missing instead of segfaulting the JVM (#11701) For the details and all changes, please browse our issue tracker for 4.1.77.Final.

Thank You

Every idea and bug-report counts and so we thought it is worth mentioning those who helped in this area.

Please report an unintended omission.

• @amlyczz
• @arthur-zhang
• @chrisvest
• @cuishuang
• @JLLeitschuh
• @jonatan-ivanov
• @hyperxpro
• @lackovic
• @normanmaurer
• @trustin