You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@bookkeeper.apache.org by "lhotari (via GitHub)" <gi...@apache.org> on 2023/06/22 12:05:55 UTC
[GitHub] [bookkeeper] lhotari opened a new pull request, #3999: Upgrade Netty to 4.1.94.Final to address CVE-2023-34462
lhotari opened a new pull request, #3999:
URL: https://github.com/apache/bookkeeper/pull/3999
### Motivation
OWASP dependency check fails because of CVE-2023-34462
```
Error: netty-handler-4.1.93.Final.jar: CVE-2023-34462(8.8)
```
### Changes
Upgrade Netty to 4.1.94.Final
Release notes: https://netty.io/news/2023/06/19/4-1-94-Final.html
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@bookkeeper.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [bookkeeper] hangc0276 commented on pull request #3999: Upgrade Netty to 4.1.94.Final to address CVE-2023-34462
Posted by "hangc0276 (via GitHub)" <gi...@apache.org>.
hangc0276 commented on PR #3999:
URL: https://github.com/apache/bookkeeper/pull/3999#issuecomment-1603458802
https://github.com/apache/bookkeeper/pull/3996
We already has one PR to upgrade the Netty version
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@bookkeeper.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [bookkeeper] Shoothzj merged pull request #3999: Upgrade Netty to 4.1.94.Final to address CVE-2023-34462
Posted by "Shoothzj (via GitHub)" <gi...@apache.org>.
Shoothzj merged PR #3999:
URL: https://github.com/apache/bookkeeper/pull/3999
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@bookkeeper.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
Re: [PR] Upgrade Netty to 4.1.94.Final to address CVE-2023-34462 [bookkeeper]
Posted by "zymap (via GitHub)" <gi...@apache.org>.
zymap commented on PR #3999:
URL: https://github.com/apache/bookkeeper/pull/3999#issuecomment-1844203008
Too many conflicts to cherry-pick to 4.15.5.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@bookkeeper.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org