[ https://issues.apache.org/jira/browse/FLINK-21019?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Chesnay Schepler closed FLINK-21019. ------------------------------------ Resolution: Fixed master: 562d9fab85960214fa20b84b19003cfad71de04b..e687629a31b4637761d76c4859f8e65e370e55c2 > Bump Netty 4 to 4.1.58 > ---------------------- > > Key: FLINK-21019 > URL: https://issues.apache.org/jira/browse/FLINK-21019 > Project: Flink > Issue Type: Improvement > Components: API / Python, Connectors / Cassandra, Connectors / > ElasticSearch, Connectors / HBase > Reporter: Dian Fu > Assignee: Huang Xingbo > Priority: Major > Labels: pull-request-available > Fix For: 1.13.0 > > > Our current Netty version (4.1.44) is vulnerable for at least this CVE: > [https://nvd.nist.gov/vuln/detail/CVE-2020-11612] > Bumping to 4.1.46+ should solve it. -- This message was sent by Atlassian Jira (v8.3.4#803005)