Re: [jira] [Created] (ZOOKEEPER-4696) Update for Zookeeper latest version

Ben Johnston Thu, 18 May 2023 10:54:42 -0700

> version of zookeeper we are using is 3.8.0

The latest zookeeper release is 3.8.1 
(https://github.com/apache/zookeeper/releases/tag/release-3.8.1) that included 
a number of bugfixes, probably some that are in your list


The 3.8.1 does have a medium and low CVE that are on the jetty server. 
CVE-2023-26048 and CVE-2023-26049. When might the team do a release to do 
security fixes?

Thanks,

Ben Johnston, GCIH, GCFA, GPEN
Application Security Engineer
COFENSE
o. 785-250-4412
e. ben.johns...@cofense.com<mailto:ben.johns...@cofense.com>

Connect with Cofense:

[https://cofense.com/wp-content/uploads/2019/07/cofense.png]<https://cofense.com/>[https://cofense.com/wp-content/uploads/2019/06/fb.png]<https://facebook.com/cofense>[https://cofense.com/wp-content/uploads/2019/06/tw.png]<https://twitter.com/cofense>[https://cofense.com/wp-content/uploads/2019/06/li.png]<https://linkedin.com/company/cofense>[https://cofense.com/wp-content/uploads/2019/06/ig.png]<https://www.instagram.com/cofense/>[https://cofense.com/wp-content/uploads/2019/06/m.png]<https://www.themuse.com/profiles/cofense>



From: Dilip anand (Jira) <j...@apache.org>
Date: Tuesday, May 16, 2023 at 11:34 AM
To: dev@zookeeper.apache.org <dev@zookeeper.apache.org>
Subject: [jira] [Created] (ZOOKEEPER-4696) Update for Zookeeper latest version
External Email

Dilip anand created ZOOKEEPER-4696:
--------------------------------------

             Summary: Update for Zookeeper latest version
                 Key: ZOOKEEPER-4696
                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4696
             Project: ZooKeeper
          Issue Type: Bug
            Reporter: Dilip anand


Hi team,

       We ran a scan for security vulnerability fixes,we have seen CVE's that 
are affected for zookeeper and version of zookeeper we are using is 3.8.0 .Here 
are the CVE's which are affected with zookeeper 
CVE-2022-32221,CVE-2023-23914,CVE-2023-27533,CVE-2023-27534,CVE-2022-22576,CVE-2020-8169,CVE-2020-8285,CVE-2020-8286,CVE-2021-22926,CVE-2021-22946,CVE-2022-27775,CVE-2022-27781,CVE-2022-27782,CVE-2023-23916
 which do not have any reports in red hat website. we want to know what version 
of zookeeper will clear these CVEs and when it'll be released?

Regards,
Dilip



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Re: [jira] [Created] (ZOOKEEPER-4696) Update for Zookeeper latest version

Reply via email to