You are viewing a plain text version of this content. The canonical link for it is here.

Posted to jira@kafka.apache.org by "Emanuele Maccherani (Jira)" <ji...@apache.org> on 2020/05/14 18:32:00 UTC

[jira] [Created] (KAFKA-9996) upgrade zookeeper to 3.5.8 to address security vulnerabilities

Emanuele Maccherani created KAFKA-9996:
------------------------------------------

             Summary: upgrade zookeeper to 3.5.8 to address security vulnerabilities
                 Key: KAFKA-9996
                 URL: https://issues.apache.org/jira/browse/KAFKA-9996
             Project: Kafka
          Issue Type: Bug
          Components: packaging
    Affects Versions: 2.5.0
            Reporter: Emanuele Maccherani


Kafka is now using zookeeper 3.5.7, which is affected by CVE-2020-8840 and CVE-2020-9488. Those 2 are resolved in 3.5.8.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)