You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@hbase.apache.org by "Nikita Pande (Jira)" <ji...@apache.org> on 2024/04/10 02:10:00 UTC
[jira] [Commented] (HBASE-28486) fix CVE-2024-29025 in netty package
[ https://issues.apache.org/jira/browse/HBASE-28486?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17835567#comment-17835567 ]
Nikita Pande commented on HBASE-28486:
--------------------------------------
[~zhangduo] can this be taken in now? Since https://issues.apache.org/jira/browse/HBASE-28491 is resolved
> fix CVE-2024-29025 in netty package
> ------------------------------------
>
> Key: HBASE-28486
> URL: https://issues.apache.org/jira/browse/HBASE-28486
> Project: HBase
> Issue Type: Improvement
> Reporter: Nikita Pande
> Assignee: Nikita Pande
> Priority: Major
> Labels: pull-request-available
>
> Following CVEs are observed in io.netty : netty-handler and io.netty : netty-codec-http : 4.1.100.Final
> [CVE-2024-29025|http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-29025]
> sonatype-2020-0026
>
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)