Dhoka Pramod created ZOOKEEPER-4762: ---------------------------------------
Summary: Update netty jars to 4.1.99+ to fix CVE-2023-4586 Key: ZOOKEEPER-4762 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4762 Project: ZooKeeper Issue Type: Bug Affects Versions: 3.8.3 Reporter: Dhoka Pramod Fix For: 3.8.4 [https://nvd.nist.gov/vuln/detail/CVE-2023-4586] A vulnerability was found in the Hot Rod client. This security issue occurs as the Hot Rod client does not enable hostname validation when using TLS, possibly resulting in a man-in-the-middle (MITM) attack. -- This message was sent by Atlassian Jira (v8.20.10#820010)