[
https://issues.apache.org/jira/browse/ZOOKEEPER-4755?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17771547#comment-17771547
]
Damien Diederen commented on ZOOKEEPER-4755:
--------------------------------------------
Relevant discussion and pointers:
[https://github.com/jeremylong/DependencyCheck/issues/5912#issuecomment-1699387994]
> Handle Netty CVE-2023-4586
> --------------------------
>
> Key: ZOOKEEPER-4755
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4755
> Project: ZooKeeper
> Issue Type: Task
> Reporter: Damien Diederen
> Assignee: Damien Diederen
> Priority: Major
>
> The {{dependency-check:check}}... check currently fails with the following:
> {noformat}
> [ERROR] netty-handler-4.1.94.Final.jar: CVE-2023-4586(6.5)
> {noformat}
> According to https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4586 ,
> CVE-2023-4586 is reserved. No fix or additional information is available as
> of the creation of this ticket.
> We have to:
> # Temporarily suppress the check;
> # Monitor CVE-2023-4586 and apply the remediation as soon as it becomes
> available.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
