Alexey Serbin has submitted this change and it was merged. ( http://gerrit.cloudera.org:8080/21464 )
Change subject: KUDU-3581: upgrade Netty to 4.1.110.Final ...................................................................... KUDU-3581: upgrade Netty to 4.1.110.Final Even if Kudu doesn't use anything from Netty at its server side and is not affected by the HTTP/2 rapid reset issue, it makes sense to upgrade the Netty package used by the Kudu Java client library to include the fix for well-known CVE [1]. It would be enough to upgrade up to 4.1.100.Final, but I took the liberty of upgrading up to the latest available 4.1.110.Final version. [1] https://www.cve.org/CVERecord?id=CVE-2023-44487 Change-Id: I6e2ad686374b06d7b8cb28a7a456c21977b95ea8 Reviewed-on: http://gerrit.cloudera.org:8080/21464 Tested-by: Alexey Serbin <ale...@apache.org> Reviewed-by: Yingchun Lai <laiyingc...@apache.org> --- M java/gradle/dependencies.gradle 1 file changed, 1 insertion(+), 1 deletion(-) Approvals: Alexey Serbin: Verified Yingchun Lai: Looks good to me, approved -- To view, visit http://gerrit.cloudera.org:8080/21464 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: merged Gerrit-Change-Id: I6e2ad686374b06d7b8cb28a7a456c21977b95ea8 Gerrit-Change-Number: 21464 Gerrit-PatchSet: 2 Gerrit-Owner: Alexey Serbin <ale...@apache.org> Gerrit-Reviewer: Abhishek Chennaka <achenn...@cloudera.com> Gerrit-Reviewer: Alexey Serbin <ale...@apache.org> Gerrit-Reviewer: Attila Bukor <abu...@apache.org> Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Yingchun Lai <laiyingc...@apache.org>
