You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@zookeeper.apache.org by Patrick Hunt <ph...@apache.org> on 2023/11/15 17:04:34 UTC
FYI: ZK owasp checks failing
FYI all of the current codelines are failing owasp check with the
following. We should try to get it into the next release...
https://ci-hadoop.apache.org/view/ZooKeeper/job/zookeeper-multi-branch-owasp/
16:51:13 [ERROR] jetty-io-9.4.52.v20230823.jar: CVE-2023-44487(7.5),
CVE-2023-36478(7.5)
16:51:13 [ERROR] jetty-server-9.4.52.v20230823.jar: CVE-2023-44487(7.5),
CVE-2023-36478(7.5)
16:51:13 [ERROR] netty-transport-4.1.94.Final.jar: CVE-2023-44487(7.5)
It's been reported in JIRA, tracked here:
https://issues.apache.org/jira/browse/ZOOKEEPER-4759
Regards,
Patrick