You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@bookkeeper.apache.org by GitBox <gi...@apache.org> on 2020/10/12 00:41:26 UTC

[GitHub] [bookkeeper] Ghatage edited a comment on issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image

Ghatage edited a comment on issue #2387:
URL: https://github.com/apache/bookkeeper/issues/2387#issuecomment-706796899


    @eolivelli The requirement for netty is to be at 4.1.44-Final at the least.
   It seems we are already at netty [4.1.50-Final](https://github.com/apache/bookkeeper/blob/41412bc647f94d6e13d8dde6daa3081c010d0806/pom.xml#L153) which happened [just a month ago](https://github.com/apache/bookkeeper/commit/7850554a8349cedf1d9236a242e2f7739b471bc9) so I think we are good on that for future releases. Should I backport these changes to [branch-4.9](https://github.com/apache/bookkeeper/tree/branch-4.9)?
   
   [Same with jackson-databind](https://github.com/apache/bookkeeper/blob/41412bc647f94d6e13d8dde6daa3081c010d0806/pom.xml#L139) dependency.


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org