This is an automated email from the ASF dual-hosted git repository.
showuon pushed a commit to branch 3.9
in repository https://gitbox.apache.org/repos/asf/kafka.git
The following commit(s) were added to refs/heads/3.9 by this push:
new d88c2183cea MINOR: Upgrade Netty to 4.19 (#19484)
d88c2183cea is described below
commit d88c2183ceaaaeb17fabf879771d0f598d7cd8e5
Author: Luke Chen <[email protected]>
AuthorDate: Wed Apr 16 12:45:07 2025 +0900
MINOR: Upgrade Netty to 4.19 (#19484)
CVE-2025-24970: Netty, an asynchronous, event-driven network application
framework, has a vulnerability starting in version 4.1.91.Final and
prior to version 4.1.118.Final.
Reviewers: TengYao Chi <[email protected]>
---
gradle/dependencies.gradle | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/gradle/dependencies.gradle b/gradle/dependencies.gradle
index 6eab0d0506e..5b982cac555 100644
--- a/gradle/dependencies.gradle
+++ b/gradle/dependencies.gradle
@@ -141,7 +141,7 @@ versions += [
lz4: "1.8.0",
mavenArtifact: "3.9.6",
metrics: "2.2.0",
- netty: "4.1.115.Final",
+ netty: "4.1.119.Final",
opentelemetryProto: "1.0.0-alpha",
protobuf: "3.25.5", // a dependency of opentelemetryProto
pcollections: "4.0.1",
