[jira] [Commented] (ZOOKEEPER-4278) dependency-check:check failing - netty-transport-4.1.60.Final CVE-2021-21409

Mohammad Arshad (Jira) Thu, 08 Apr 2021 03:48:04 -0700


    [ 
https://issues.apache.org/jira/browse/ZOOKEEPER-4278?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17317085#comment-17317085
 ]


Mohammad Arshad commented on ZOOKEEPER-4278:
--------------------------------------------

To fix the CVE anyway we have to upgrade to 4.1.61. 
 4.1.62 and 4.1.63 are Regression fix releases. As per the release notes there 
is not much change from 4.1.62 to 4.1.63.

https://netty.io/news/2021/03/30/4-1-61-Final.html
https://netty.io/news/2021/03/31/4-1-62-Final.html
https://netty.io/news/2021/04/01/4-1-63-Final.html

> dependency-check:check failing - netty-transport-4.1.60.Final CVE-2021-21409 
> -----------------------------------------------------------------------------
>
>                 Key: ZOOKEEPER-4278
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4278
>             Project: ZooKeeper
>          Issue Type: Bug
>            Reporter: Mohammad Arshad
>            Priority: Major
>




--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (ZOOKEEPER-4278) dependency-check:check failing - netty-transport-4.1.60.Final CVE-2021-21409

Reply via email to