[jira] [Commented] (TEZ-4494) Addressing CVE-2022-41881 - Netty vulnerability

Sercan Tekin (Jira) Sat, 10 Jun 2023 13:43:13 -0700


    [ 
https://issues.apache.org/jira/browse/TEZ-4494?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17731275#comment-17731275
 ]


Sercan Tekin commented on TEZ-4494:
-----------------------------------

Created PR [https://github.com/apache/tez/pull/287] 

> Addressing CVE-2022-41881 - Netty vulnerability
> -----------------------------------------------
>
>                 Key: TEZ-4494
>                 URL: https://issues.apache.org/jira/browse/TEZ-4494
>             Project: Apache Tez
>          Issue Type: Bug
>    Affects Versions: 0.10.2
>            Reporter: Sercan Tekin
>            Priority: Major
>              Labels: netty, security, vulnerabilities
>             Fix For: 0.10.3
>
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> Current netty version in the project has high score CVE - 
> [https://nvd.nist.gov/vuln/detail/CVE-2022-41881]
> The netty version should be upgraded at least version 4.1.86.Final. the 
> latest version as of now is 4.1.93.Final.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (TEZ-4494) Addressing CVE-2022-41881 - Netty vulnerability

Reply via email to