You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@bookkeeper.apache.org by GitBox <gi...@apache.org> on 2021/12/21 08:14:58 UTC

[GitHub] [bookkeeper] nicoloboschi opened a new pull request #2951: [security] Upgrade Netty to 4.1.72 - CVE-2021-43797

nicoloboschi opened a new pull request #2951:
URL: https://github.com/apache/bookkeeper/pull/2951


   ### Motivation
   
   Netty versions prior to 4.1.71 are vulnerable to CVE-2021-43797
   https://nvd.nist.gov/vuln/detail/CVE-2021-43797
   
   
   Netty release notes:
   - https://netty.io/news/2021/10/11/4-1-69-Final.html
   - https://netty.io/news/2021/10/11/4-1-70-Final.html
   - https://netty.io/news/2021/12/09/4-1-71-Final.html
   - https://netty.io/news/2021/12/13/4-1-72-Final.html
   
   
   ### Changes
   - Upgraded Netty libraries to 4.1.72.Final
   - Upgraded netty-tcnative-boringssl-static to 2.0.46.Final which is compatible with Netty 4.1.72.Final


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@bookkeeper.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [bookkeeper] zymap merged pull request #2951: [security] Upgrade Netty to 4.1.72 - CVE-2021-43797

Posted by GitBox <gi...@apache.org>.

zymap merged pull request #2951:
URL: https://github.com/apache/bookkeeper/pull/2951


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@bookkeeper.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org