You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@zookeeper.apache.org by GitBox <gi...@apache.org> on 2022/06/01 21:23:28 UTC

[GitHub] [zookeeper] lmr3796 opened a new pull request, #1890: Bump netty version to fix CVE-2022-24823

lmr3796 opened a new pull request, #1890:
URL: https://github.com/apache/zookeeper/pull/1890

   According to the page
   > The package `io.netty:netty-codec-http` prior to version 4.1.77.Final contains an insufficient fix for CVE-2021-21290.
   https://nvd.nist.gov/vuln/detail/CVE-2022-24823


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@zookeeper.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

Re: [PR] Bump netty version to fix CVE-2022-24823 [zookeeper]

Posted by "anmolnar (via GitHub)" <gi...@apache.org>.

anmolnar commented on PR #1890:
URL: https://github.com/apache/zookeeper/pull/1890#issuecomment-1745011611

   Already on Netty 4.1.94


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@zookeeper.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [zookeeper] Shoothzj commented on pull request #1890: Bump netty version to fix CVE-2022-24823

Posted by GitBox <gi...@apache.org>.

Shoothzj commented on PR #1890:
URL: https://github.com/apache/zookeeper/pull/1890#issuecomment-1145438859

   @lmr3796 Sorry, I am not zookeeper maintainer, I can help you ping them who I knows. @maoling @eolivelli 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@zookeeper.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [zookeeper] lmr3796 commented on pull request #1890: Bump netty version to fix CVE-2022-24823

Posted by GitBox <gi...@apache.org>.

lmr3796 commented on PR #1890:
URL: https://github.com/apache/zookeeper/pull/1890#issuecomment-1144165003

   Similar patch were also included for Cassandra
   https://issues.apache.org/jira/browse/CASSANDRA-17633


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@zookeeper.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

Re: [PR] Bump netty version to fix CVE-2022-24823 [zookeeper]

Posted by "anmolnar (via GitHub)" <gi...@apache.org>.

anmolnar closed pull request #1890: Bump netty version to fix CVE-2022-24823
URL: https://github.com/apache/zookeeper/pull/1890


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@zookeeper.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [zookeeper] lmr3796 commented on pull request #1890: Bump netty version to fix CVE-2022-24823

Posted by GitBox <gi...@apache.org>.

lmr3796 commented on PR #1890:
URL: https://github.com/apache/zookeeper/pull/1890#issuecomment-1145359979

   Hi @Shoothzj !
   
   Thanks for the review.  Wondering if you can grant the access to run the CI workflows?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@zookeeper.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [zookeeper] lmr3796 commented on pull request #1890: Bump netty version to fix CVE-2022-24823

Posted by GitBox <gi...@apache.org>.

lmr3796 commented on PR #1890:
URL: https://github.com/apache/zookeeper/pull/1890#issuecomment-1144164424

   @arshadmohammad @Shoothzj
   Wondering if you can take a look at this one.  I saw you reviewed on this relevant PR https://github.com/apache/zookeeper/pull/1867


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@zookeeper.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org