You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@zookeeper.apache.org by "Ananya Singh (Jira)" <ji...@apache.org> on 2022/04/28 08:22:00 UTC
[jira] [Updated] (ZOOKEEPER-4529) Upgrade netty to 4.1.76.Final
[ https://issues.apache.org/jira/browse/ZOOKEEPER-4529?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ananya Singh updated ZOOKEEPER-4529:
------------------------------------
Summary: Upgrade netty to 4.1.76.Final (was: Upgrade netty to 4.1.75.Final)
> Upgrade netty to 4.1.76.Final
> -----------------------------
>
> Key: ZOOKEEPER-4529
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4529
> Project: ZooKeeper
> Issue Type: Improvement
> Reporter: Ananya Singh
> Assignee: Ananya Singh
> Priority: Major
> Labels: pull-request-available
> Time Spent: 2h 10m
> Remaining Estimate: 0h
>
> To resolve the CVEs generated due to netty-tcnative-classes:jar:2.0.46.Final we should upgrade netty version.
> the following CVEs are coming due to dependency of io.netty:netty-codec:jar:4.1.73.Final on io.netty:netty-tcnative-classes:jar:2.0.46.Final.
>
> CVE-2014-3488, CVE-2015-2156, CVE-2019-16869, CVE-2019-20444, CVE-2019-20445, CVE-2021-21290, CVE-2021-21295, CVE-2021-21409, CVE-2021-37136, CVE-2021-37137, CVE-2021-43797
--
This message was sent by Atlassian Jira
(v8.20.7#820007)