Alexey Serbin has uploaded this change for review. ( http://gerrit.cloudera.org:8080/21465
Change subject: KUDU-3581: upgrade Netty to 4.1.110.Final ...................................................................... KUDU-3581: upgrade Netty to 4.1.110.Final Even if Kudu doesn't use anything from Netty at its server side and is not affected by the HTTP/2 rapid reset issue, it makes sense to upgrade the Netty package used by the Kudu Java client library to include the fix for well-known CVE [1]. It would be enough to upgrade up to 4.1.100.Final, but I took the liberty of upgrading up to the latest available 4.1.110.Final version. [1] https://www.cve.org/CVERecord?id=CVE-2023-44487 Change-Id: I6e2ad686374b06d7b8cb28a7a456c21977b95ea8 Reviewed-on: http://gerrit.cloudera.org:8080/21464 Tested-by: Alexey Serbin <ale...@apache.org> Reviewed-by: Yingchun Lai <laiyingc...@apache.org> (cherry picked from commit 8d5f82483665fd6229d08fdfe94c87b07f80f986) --- M java/gradle/dependencies.gradle 1 file changed, 1 insertion(+), 1 deletion(-) git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/65/21465/1 -- To view, visit http://gerrit.cloudera.org:8080/21465 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: branch-1.17.x Gerrit-MessageType: newchange Gerrit-Change-Id: I6e2ad686374b06d7b8cb28a7a456c21977b95ea8 Gerrit-Change-Number: 21465 Gerrit-PatchSet: 1 Gerrit-Owner: Alexey Serbin <ale...@apache.org>
