[ https://issues.apache.org/jira/browse/MRM-2047?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17550187#comment-17550187 ]
ASF subversion and git services commented on MRM-2047: ------------------------------------------------------ Commit f2e32d366b50133f4a646dbda5f7aa688109c057 in archiva's branch refs/heads/dependabot/maven/master/maven3x.version-3.8.5 from PJ Fanning [ https://gitbox.apache.org/repos/asf?p=archiva.git;h=f2e32d366 ] [MRM-2047] upgrade netty due to CVEs (#102) > upgrade netty due to security issue > ----------------------------------- > > Key: MRM-2047 > URL: https://issues.apache.org/jira/browse/MRM-2047 > Project: Archiva > Issue Type: Bug > Reporter: PJ Fanning > Assignee: Olivier Lamy > Priority: Major > Fix For: 3.0.0 > > > netty-codec jar used in archiva has CVEs > * https://github.com/advisories/GHSA-9vjp-v76f-g363 > * https://github.com/advisories/GHSA-grg4-wf29-r9vv -- This message was sent by Atlassian Jira (v8.20.7#820007)