You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cassandra.apache.org by "Matt Davis (Jira)" <ji...@apache.org> on 2020/06/12 18:17:00 UTC

[jira] [Updated] (CASSANDRA-15873) Update Netty 4.0.44 -> 4.1.50 (fix security/performance issues)

     [ https://issues.apache.org/jira/browse/CASSANDRA-15873?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Matt Davis updated CASSANDRA-15873:
-----------------------------------
    Description: 
See https://issues.apache.org/jira/browse/CASSANDRA-15868 for the same issue on 4.0 / trunk. Attached is an OWASP dependency report for Netty 4.0.44, which identifies 3 of the same vulnerabilities as above.

 

Additionally, 4.1.50 contains aarch64 native libraries which can improve performance on ARM processors.

 

(If the preference is to handle PRs for both versions/branches in a single issue, feel free to close this as a duplicate.)

 

 

  was:
See https://issues.apache.org/jira/browse/CASSANDRA-15868 for the same issue on 4.0 / trunk. Attached is an OWASP dependency report for Netty 4.0.44, which identifies 3 of the same vulnerabilities as the above issue.

 

Additionally, 4.1.50 contains aarch64 native libraries which can improve performance on ARM processors.

 

(If the preference is to handle PRs for both versions/branches in a single issue, feel free to close this as a duplicate.)

 

 


> Update Netty 4.0.44 -> 4.1.50 (fix security/performance issues)
> ---------------------------------------------------------------
>
>                 Key: CASSANDRA-15873
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-15873
>             Project: Cassandra
>          Issue Type: Task
>          Components: Dependencies
>            Reporter: Matt Davis
>            Priority: Normal
>         Attachments: dependency-check-report.html
>
>
> See https://issues.apache.org/jira/browse/CASSANDRA-15868 for the same issue on 4.0 / trunk. Attached is an OWASP dependency report for Netty 4.0.44, which identifies 3 of the same vulnerabilities as above.
>  
> Additionally, 4.1.50 contains aarch64 native libraries which can improve performance on ARM processors.
>  
> (If the preference is to handle PRs for both versions/branches in a single issue, feel free to close this as a duplicate.)
>  
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cassandra.apache.org
For additional commands, e-mail: commits-help@cassandra.apache.org