Hi,
I was trying to understand whether Geode is impacted by a security vulnerability reported on JGroups (CVE-2016-2141<https://www.cvedetails.com/cve/CVE-2016-2141/>). The vulnerability is related to member authentication and communication encryption. What I could learn from this RFC<https://cwiki.apache.org/confluence/display/GEODE/Replace+UDP+messaging+for+membership+with+TCP> is that geode doesn’t utilize the JGroups membership system, but only the UDP messaging, on top of which a custom encryption system is implemented. >From this I would say that the reported vulnerability doesn’t really apply to >Geode. Nevertheless, I wanted to double-check this. BR, Mario
