Source: zookeeper Version: 3.4.13-6 Severity: grave Tags: security Justification: user security hole X-Debbugs-Cc: Debian Security Team <t...@security.debian.org>
Hi. The release notes for https://zookeeper.apache.org/doc/r3.6.3/releasenotes.html list various security issues: CVE-2020-25649 CVE-2021-21295 CVE-2021-28165 CVE-2021-21409 It's a bit unclear to me whether 3.4 is affected to, but since 3.5.x versions seem to be, I'd guess the issues go back longer and may affect 3.4 as well. I would guess that 3.4.x has no upstream support anymore. Cheers, Chirs. __ This is the maintainer address of Debian's Java team <https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-java-maintainers>. Please use debian-j...@lists.debian.org for discussions and questions.