[jira] [Updated] (KAFKA-15319) Upgrade rocksdb to fix CVE-2022-37434

Matthias J. Sax (Jira) Thu, 26 Oct 2023 18:47:22 -0700


     [ 
https://issues.apache.org/jira/browse/KAFKA-15319?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Matthias J. Sax updated KAFKA-15319:
------------------------------------
    Fix Version/s: 3.5.2

> Upgrade rocksdb to fix CVE-2022-37434
> -------------------------------------
>
>                 Key: KAFKA-15319
>                 URL: https://issues.apache.org/jira/browse/KAFKA-15319
>             Project: Kafka
>          Issue Type: Bug
>          Components: streams
>    Affects Versions: 3.4.1
>            Reporter: Maruthi
>            Assignee: Lucas Brutschy
>            Priority: Critical
>             Fix For: 3.6.0, 3.5.2
>
>         Attachments: compat_report.html.zip
>
>
> Rocksdbjni<7.9.2 is vulnerable to CVE-2022-37434 due to zlib 1.2.12
> Upgrade to 1.2.13 to fix 
> https://github.com/facebook/rocksdb/commit/0993c9225f8086bab6c4c0a2d7206897d1cc688c



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (KAFKA-15319) Upgrade rocksdb to fix CVE-2022-37434

Reply via email to