You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@zookeeper.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2022/04/26 05:56:00 UTC

[jira] [Updated] (ZOOKEEPER-4529) Upgrade netty to 4.1.75.Final

     [ https://issues.apache.org/jira/browse/ZOOKEEPER-4529?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

ASF GitHub Bot updated ZOOKEEPER-4529:
--------------------------------------
    Labels: pull-request-available  (was: )

> Upgrade netty to 4.1.75.Final
> -----------------------------
>
>                 Key: ZOOKEEPER-4529
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4529
>             Project: ZooKeeper
>          Issue Type: Improvement
>            Reporter: Ananya Singh
>            Assignee: Ananya Singh
>            Priority: Major
>              Labels: pull-request-available
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> To resolve the CVEs generated due to netty-tcnative-classes:jar:2.0.46.Final we should upgrade netty version.
> the following CVEs are coming due to dependency of io.netty:netty-codec:jar:4.1.73.Final on io.netty:netty-tcnative-classes:jar:2.0.46.Final.
>  
> CVE-2014-3488, CVE-2015-2156, CVE-2019-16869, CVE-2019-20444, CVE-2019-20445, CVE-2021-21290, CVE-2021-21295, CVE-2021-21409, CVE-2021-37136, CVE-2021-37137, CVE-2021-43797



--
This message was sent by Atlassian Jira
(v8.20.7#820007)