You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@servicecomb.apache.org by GitBox <gi...@apache.org> on 2022/12/22 14:01:46 UTC

[GitHub] [servicecomb-java-chassis] liyj0207 opened a new issue, #3540: 引用config-kie-client会有高危安全漏洞引用组件APR，包含在netty-tcnative-boringssl-static

liyj0207 opened a new issue, #3540:
URL: https://github.com/apache/servicecomb-java-chassis/issues/3540

   引用版本2.8.3


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@servicecomb.apache.org.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [servicecomb-java-chassis] liubao68 commented on issue #3540: 引用config-kie-client会有高危安全漏洞引用组件APR，包含在netty-tcnative-boringssl-static

Posted by GitBox <gi...@apache.org>.

liubao68 commented on issue #3540:
URL: https://github.com/apache/servicecomb-java-chassis/issues/3540#issuecomment-1364482868

   可以给一下具体是哪个组件涉及吗？


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@servicecomb.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [servicecomb-java-chassis] liyj0207 commented on issue #3540: 引用config-kie-client会有高危安全漏洞引用组件APR，包含在netty-tcnative-boringssl-static

Posted by GitBox <gi...@apache.org>.

liyj0207 commented on issue #3540:
URL: https://github.com/apache/servicecomb-java-chassis/issues/3540#issuecomment-1362875857

   CVE-2017-12613，CVE-2021-35940


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@servicecomb.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [servicecomb-java-chassis] yanghao605 commented on issue #3540: 引用config-kie-client会有高危安全漏洞引用组件APR，包含在netty-tcnative-boringssl-static

Posted by GitBox <gi...@apache.org>.

yanghao605 commented on issue #3540:
URL: https://github.com/apache/servicecomb-java-chassis/issues/3540#issuecomment-1367047137

   这个APR是tcnative的依赖软件，
   [CVE-2021-35940](https://github.com/advisories/GHSA-95qq-4mqm-pp5g) 这个漏洞servicecomb不涉及
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@servicecomb.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org