[
https://issues.apache.org/jira/browse/NIFI-10079?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17545089#comment-17545089
]
Joe Witt commented on NIFI-10079:
---------------------------------
[~msr1716] The link appears to be to Netty. Can you clarify? Also please be
precise about which ZK clients you're finding and their version strings. we
have a ton of dependencies and locations so knowing in detail what you're
seeing will help.
> Update ZooKeeper .JAR Files
> ---------------------------
>
> Key: NIFI-10079
> URL: https://issues.apache.org/jira/browse/NIFI-10079
> Project: Apache NiFi
> Issue Type: Bug
> Affects Versions: 1.6.0, 1.16.1, 1.16.2
> Reporter: Mike R
> Priority: Major
>
> The version of Zookeeper .jars used has a Medium 5.8 CVE against it and there
> is an update to Zookeeper to allow for a fix. The CVE can be found at
> [https://nvd.nist.gov/vuln/detail/CVE-2021-21295] and there is a more recent
> version of Zookeeper to help mitigate this
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
