You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ozone.apache.org by GitBox <gi...@apache.org> on 2022/06/12 22:37:58 UTC

[GitHub] [ozone] smengcl commented on pull request #3505: HDDS-6871. Bump netty to 4.1.77 due to CVE-2022-24823

smengcl commented on PR #3505:
URL: https://github.com/apache/ozone/pull/3505#issuecomment-1153310765

   > Thanks @smengcl for the patch. Looks like dependencies have changed, `jar-report.txt` needs to be updated. (I think license needs no change, since these are just new jars from existing dependency.)
   > 
   > https://github.com/apache/ozone/runs/6834514417#step:5:27
   > 
   > Also, I guess HA and secure acceptance test timeouts could be related. (We usually need same version of Netty directly and via Ratis Thirdparty.)
   
   jar-report.txt is updated now. Thanks for catching this.
   
   Does that mean we need a new patch release of ratis-thirdparty just for this? Or we could use a SNAPSHOT jar for now?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org