ssainz opened a new issue, #2552: URL: https://github.com/apache/drill/issues/2552
**Describe the bug** CVE-2022-24823 in Netty .4.1.73.Final. **To Reproduce** Steps to reproduce the behavior: 1. Check Apache Drill pom.xml file: https://github.com/apache/drill/blob/master/pom.xml#L123 It ships the netty v4.1.73. 3. Read through : [https://nvd.nist.gov/vuln/detail/CVE-2022-24823](https://nvd.nist.gov/vuln/detail/CVE-2022-24823) for more details why v4.1.73. is vulnerable **Expected behavior** Drill to use 4.1.77 **Screenshots** If applicable, add screenshots to help explain your problem. **Desktop (please complete the following information):** - OS: [e.g. iOS] - Browser [e.g. chrome, safari] - Version [e.g. 22] **Smartphone (please complete the following information):** - Device: [e.g. iPhone6] - OS: [e.g. iOS8.1] - Browser [e.g. stock browser, safari] - Version [e.g. 22] **Additional context** Add any other context about the problem here. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@drill.apache.org.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
