[
https://issues.apache.org/jira/browse/CASSANDRA-15873?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Aleksey Yeschenko updated CASSANDRA-15873:
------------------------------------------
Status: Open (was: Resolved)
Reopening this one, as doing a major Netty upgrade in a minor 3.11.x is a more
questionable proposition than doing a minor Netty upgrade in a major 4.0 C*.
> Update Netty 4.0.44 -> 4.1.50 (fix security/performance issues)
> ---------------------------------------------------------------
>
> Key: CASSANDRA-15873
> URL: https://issues.apache.org/jira/browse/CASSANDRA-15873
> Project: Cassandra
> Issue Type: Task
> Components: Dependencies
> Reporter: Matt Davis
> Priority: Normal
> Attachments: dependency-check-report.html
>
>
> See https://issues.apache.org/jira/browse/CASSANDRA-15868 for the same issue
> on 4.0 / trunk. Attached is an OWASP dependency report for Netty 4.0.44,
> which identifies 3 of the same vulnerabilities as above.
>
> Additionally, 4.1.50 contains aarch64 native libraries which can improve
> performance on ARM processors.
>
> (If the preference is to handle PRs for both versions/branches in a single
> issue, feel free to close this as a duplicate.)
>
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org
