From 8ee5c19ba867feb62c5ba82dee3fd1fc2d909cca Mon Sep 17 00:00:00 2001 From: Kalaiyarasiganeshalingam Date: Fri, 19 Dec 2025 11:40:36 +0530 Subject: [PATCH 1/5] Update netty version --- ballerina/Ballerina.toml | 32 ++++++++++++++++---------------- gradle.properties | 2 +- 2 files changed, 17 insertions(+), 17 deletions(-) diff --git a/ballerina/Ballerina.toml b/ballerina/Ballerina.toml index edecab732..8a3b78984 100644 --- a/ballerina/Ballerina.toml +++ b/ballerina/Ballerina.toml @@ -39,50 +39,50 @@ path = "./lib/constraint-native-1.7.0.jar" [[platform.java21.dependency]] groupId = "io.netty" artifactId = "netty-common" -version = "4.1.126.Final" -path = "./lib/netty-common-4.1.126.Final.jar" +version = "4.1.129.Final" +path = "./lib/netty-common-4.1.129.Final.jar" [[platform.java21.dependency]] groupId = "io.netty" artifactId = "netty-buffer" -version = "4.1.126.Final" -path = "./lib/netty-buffer-4.1.126.Final.jar" +version = "4.1.129.Final" +path = "./lib/netty-buffer-4.1.129.Final.jar" [[platform.java21.dependency]] groupId = "io.netty" artifactId = "netty-transport" -version = "4.1.126.Final" -path = "./lib/netty-transport-4.1.126.Final.jar" +version = "4.1.129.Final" +path = "./lib/netty-transport-4.1.129.Final.jar" [[platform.java21.dependency]] groupId = "io.netty" artifactId = "netty-resolver" -version = "4.1.126.Final" -path = "./lib/netty-resolver-4.1.126.Final.jar" +version = "4.1.129.Final" +path = "./lib/netty-resolver-4.1.129.Final.jar" [[platform.java21.dependency]] groupId = "io.netty" artifactId = "netty-handler" -version = "4.1.126.Final" -path = "./lib/netty-handler-4.1.126.Final.jar" +version = "4.1.129.Final" +path = "./lib/netty-handler-4.1.129.Final.jar" [[platform.java21.dependency]] groupId = "io.netty" artifactId = "netty-codec-http" -version = "4.1.126.Final" -path = "./lib/netty-codec-http-4.1.126.Final.jar" +version = "4.1.129.Final" +path = "./lib/netty-codec-http-4.1.129.Final.jar" [[platform.java21.dependency]] groupId = "io.netty" artifactId = "netty-codec" -version = "4.1.126.Final" -path = "./lib/netty-codec-4.1.126.Final.jar" +version = "4.1.129.Final" +path = "./lib/netty-codec-4.1.129.Final.jar" [[platform.java21.dependency]] groupId = "io.netty" artifactId = "netty-handler-proxy" -version = "4.1.126.Final" -path = "./lib/netty-handler-proxy-4.1.126.Final.jar" +version = "4.1.129.Final" +path = "./lib/netty-handler-proxy-4.1.129.Final.jar" [[platform.java21.dependency]] path = "../test-utils/build/libs/websocket-test-utils-2.15.0.jar" diff --git a/gradle.properties b/gradle.properties index 14245de93..bee85d6c2 100644 --- a/gradle.properties +++ b/gradle.properties @@ -3,7 +3,7 @@ group=io.ballerina.stdlib version=2.15.1-SNAPSHOT ballerinaLangVersion=2201.13.0 ballerinaTomlParserVersion=1.2.2 -nettyVersion=4.1.126.Final +nettyVersion=4.1.130.Final slf4jVersion=1.7.30 puppycrawlCheckstyleVersion=10.12.0 unirestVersion=1.4.9 From 3a7901be2b4e001d7f7285ae526dbf8eeb2d3492 Mon Sep 17 00:00:00 2001 From: Kalaiyarasiganeshalingam Date: Tue, 23 Dec 2025 16:07:23 +0530 Subject: [PATCH 2/5] Add default socket configs --- ballerina/build.gradle | 1 + .../websocket/serviceendpoint/InitEndpoint.java | 12 ++++++++++++ 2 files changed, 13 insertions(+) diff --git a/ballerina/build.gradle b/ballerina/build.gradle index 6f3c8ed43..488db2cac 100644 --- a/ballerina/build.gradle +++ b/ballerina/build.gradle @@ -163,6 +163,7 @@ build.dependsOn ":${packageName}-native:build" build.dependsOn ":${packageName}-test-utils:build" build.dependsOn ":${packageName}-compiler-plugin:build" test.dependsOn ":${packageName}-native:build" +test.dependsOn ":${packageName}-test-utils:build" test.dependsOn ":${packageName}-compiler-plugin:build" publishToMavenLocal.dependsOn build diff --git a/native/src/main/java/io/ballerina/stdlib/websocket/serviceendpoint/InitEndpoint.java b/native/src/main/java/io/ballerina/stdlib/websocket/serviceendpoint/InitEndpoint.java index 3a2c76e45..a4fc3abf2 100644 --- a/native/src/main/java/io/ballerina/stdlib/websocket/serviceendpoint/InitEndpoint.java +++ b/native/src/main/java/io/ballerina/stdlib/websocket/serviceendpoint/InitEndpoint.java @@ -54,6 +54,10 @@ * */ public class InitEndpoint extends AbstractWebsocketNativeFunction { + + private static final int BUFFER_SIZE = 1048576; + private static final int BACK_LOG = 100; + public static Object initEndpoint(BObject serviceEndpoint) { ServerConnector httpServerConnector; try { @@ -134,6 +138,8 @@ private static ListenerConfiguration getListenerConfig(long port, BMap endpointC listenerConfiguration.setWebSocketCompressionEnabled((Boolean) webSocketCompressionEnabled); } + setSocketConfig(endpointConfig, listenerConfiguration); + if (sslConfig != null) { return setSslConfig(sslConfig, listenerConfiguration); } @@ -141,6 +147,12 @@ private static ListenerConfiguration getListenerConfig(long port, BMap endpointC return listenerConfiguration; } + private static void setSocketConfig(BMap endpointConfig, ListenerConfiguration listenerConfiguration) { + listenerConfiguration.setReceiveBufferSize(BUFFER_SIZE); + listenerConfiguration.setSendBufferSize(BUFFER_SIZE); + listenerConfiguration.setSoBackLog(BACK_LOG); + } + private static ListenerConfiguration setSslConfig(BMap secureSocket, ListenerConfiguration listenerConfiguration) { List serverParamList = new ArrayList<>(); From 2633a7711ba8c09402741936ca8bb28c793459a5 Mon Sep 17 00:00:00 2001 From: TharmiganK Date: Fri, 9 Jan 2026 08:39:29 +0530 Subject: [PATCH 3/5] Update library patch versions --- gradle.properties | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/gradle.properties b/gradle.properties index bee85d6c2..12db2a966 100644 --- a/gradle.properties +++ b/gradle.properties @@ -26,23 +26,23 @@ stdlibUrlVersion=2.6.0 stdlibConstraintVersion=1.7.0 stdlibCryptoVersion=2.9.2 stdlibLogVersion=2.13.0 -stdlibOsVersion=1.10.0 +stdlibOsVersion=1.10.1 stdlibTaskVersion=2.11.0 # Level 03 stdlibCacheVersion=3.10.0 stdlibFileVersion=1.12.0 -stdlibMimeVersion=2.12.0 +stdlibMimeVersion=2.12.1 stdlibUuidVersion=1.10.0 # Level 04 stdlibAuthVersion=2.14.0 -stdlibDataJsonDataVersion=1.1.2 -stdlibJwtVersion=2.15.0 +stdlibDataJsonDataVersion=1.1.3 +stdlibJwtVersion=2.15.1 stdlibOAuth2Version=2.15.0 # Level 05 -stdlibHttpVersion=2.15.0 +stdlibHttpVersion=2.15.4-20260105-153100-46b50ac # Ballerinax Observer observeVersion=1.5.0 From bb0b97a594f1fba98e1e509ebb577c4609937aba Mon Sep 17 00:00:00 2001 From: TharmiganK Date: Fri, 9 Jan 2026 08:42:58 +0530 Subject: [PATCH 4/5] [Automated] Update the native jar versions --- ballerina/Ballerina.toml | 48 +++++++++++++++++------------------ ballerina/CompilerPlugin.toml | 6 ++--- ballerina/Dependencies.toml | 2 +- 3 files changed, 28 insertions(+), 28 deletions(-) diff --git a/ballerina/Ballerina.toml b/ballerina/Ballerina.toml index 8a3b78984..4f2d1c9a1 100644 --- a/ballerina/Ballerina.toml +++ b/ballerina/Ballerina.toml @@ -1,7 +1,7 @@ [package] org = "ballerina" name = "websocket" -version = "2.15.0" +version = "2.15.1" authors = ["Ballerina"] keywords = ["ws", "network", "bi-directional", "streaming", "service", "client"] repository = "https://github.com/ballerina-platform/module-ballerina-websocket" @@ -15,20 +15,20 @@ graalvmCompatible = true [[platform.java21.dependency]] groupId = "io.ballerina.stdlib" artifactId = "websocket-native" -version = "2.15.0" -path = "../native/build/libs/websocket-native-2.15.0.jar" +version = "2.15.1" +path = "../native/build/libs/websocket-native-2.15.1-SNAPSHOT.jar" [[platform.java21.dependency]] groupId = "io.ballerina.stdlib" artifactId = "http-native" -version = "2.15.0" -path = "./lib/http-native-2.15.0.jar" +version = "2.15.4" +path = "./lib/http-native-2.15.4-20260105-153100-46b50ac.jar" [[platform.java21.dependency]] groupId = "io.ballerina.stdlib" artifactId = "mime-native" -version = "2.12.0" -path = "./lib/mime-native-2.12.0.jar" +version = "2.12.1" +path = "./lib/mime-native-2.12.1.jar" [[platform.java21.dependency]] groupId = "io.ballerina.stdlib" @@ -39,51 +39,51 @@ path = "./lib/constraint-native-1.7.0.jar" [[platform.java21.dependency]] groupId = "io.netty" artifactId = "netty-common" -version = "4.1.129.Final" -path = "./lib/netty-common-4.1.129.Final.jar" +version = "4.1.130.Final" +path = "./lib/netty-common-4.1.130.Final.jar" [[platform.java21.dependency]] groupId = "io.netty" artifactId = "netty-buffer" -version = "4.1.129.Final" -path = "./lib/netty-buffer-4.1.129.Final.jar" +version = "4.1.130.Final" +path = "./lib/netty-buffer-4.1.130.Final.jar" [[platform.java21.dependency]] groupId = "io.netty" artifactId = "netty-transport" -version = "4.1.129.Final" -path = "./lib/netty-transport-4.1.129.Final.jar" +version = "4.1.130.Final" +path = "./lib/netty-transport-4.1.130.Final.jar" [[platform.java21.dependency]] groupId = "io.netty" artifactId = "netty-resolver" -version = "4.1.129.Final" -path = "./lib/netty-resolver-4.1.129.Final.jar" +version = "4.1.130.Final" +path = "./lib/netty-resolver-4.1.130.Final.jar" [[platform.java21.dependency]] groupId = "io.netty" artifactId = "netty-handler" -version = "4.1.129.Final" -path = "./lib/netty-handler-4.1.129.Final.jar" +version = "4.1.130.Final" +path = "./lib/netty-handler-4.1.130.Final.jar" [[platform.java21.dependency]] groupId = "io.netty" artifactId = "netty-codec-http" -version = "4.1.129.Final" -path = "./lib/netty-codec-http-4.1.129.Final.jar" +version = "4.1.130.Final" +path = "./lib/netty-codec-http-4.1.130.Final.jar" [[platform.java21.dependency]] groupId = "io.netty" artifactId = "netty-codec" -version = "4.1.129.Final" -path = "./lib/netty-codec-4.1.129.Final.jar" +version = "4.1.130.Final" +path = "./lib/netty-codec-4.1.130.Final.jar" [[platform.java21.dependency]] groupId = "io.netty" artifactId = "netty-handler-proxy" -version = "4.1.129.Final" -path = "./lib/netty-handler-proxy-4.1.129.Final.jar" +version = "4.1.130.Final" +path = "./lib/netty-handler-proxy-4.1.130.Final.jar" [[platform.java21.dependency]] -path = "../test-utils/build/libs/websocket-test-utils-2.15.0.jar" +path = "../test-utils/build/libs/websocket-test-utils-2.15.1-SNAPSHOT.jar" scope = "testOnly" diff --git a/ballerina/CompilerPlugin.toml b/ballerina/CompilerPlugin.toml index 3bdfc739d..8cd7a4a7a 100644 --- a/ballerina/CompilerPlugin.toml +++ b/ballerina/CompilerPlugin.toml @@ -3,10 +3,10 @@ id = "websocket-compiler-plugin" class = "io.ballerina.stdlib.websocket.plugin.WebSocketCompilerPlugin" [[dependency]] -path = "../compiler-plugin/build/libs/websocket-compiler-plugin-2.15.0.jar" +path = "../compiler-plugin/build/libs/websocket-compiler-plugin-2.15.1-SNAPSHOT.jar" [[dependency]] -path = "../native/build/libs/websocket-native-2.15.0.jar" +path = "../native/build/libs/websocket-native-2.15.1-SNAPSHOT.jar" [[dependency]] -path = "./lib/http-native-2.15.0.jar" +path = "./lib/http-native-2.15.4-20260105-153100-46b50ac.jar" diff --git a/ballerina/Dependencies.toml b/ballerina/Dependencies.toml index f2c389fa1..0e185664f 100644 --- a/ballerina/Dependencies.toml +++ b/ballerina/Dependencies.toml @@ -354,7 +354,7 @@ dependencies = [ [[package]] org = "ballerina" name = "websocket" -version = "2.15.0" +version = "2.15.1" dependencies = [ {org = "ballerina", name = "auth"}, {org = "ballerina", name = "constraint"}, From 848cc727cd14d45fe4152719b2939178d12c751b Mon Sep 17 00:00:00 2001 From: TharmiganK Date: Fri, 9 Jan 2026 08:51:22 +0530 Subject: [PATCH 5/5] Update changelog --- changelog.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/changelog.md b/changelog.md index 1b9bb93d3..ea81882a1 100644 --- a/changelog.md +++ b/changelog.md @@ -5,6 +5,12 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), ## [Unreleased] +### Fixed + +- [Address `CVE-2025-67735` security vulnerability in Netty](https://github.com/ballerina-platform/ballerina-library/issues/8538) + +## [2.15.0] - 2025-11-06 + ### Added - [Support Custom Remote Function Mapping via Annotation](https://github.com/ballerina-platform/ballerina-library/issues/7733)