Hi, >From https://mvnrepository.com/artifact/org.apache.zookeeper/zookeeper/3.4.14, >Zookeeper depends on Netty 3.10.6.Final.
However, Netty has CVEs for versions prior to 4.1.42.Final as per https://nvd.nist.gov/vuln/detail/CVE-2019-16869: Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers (such as a "Transfer-Encoding : chunked" line), which leads to HTTP request smuggling. Will Zookeeper (both client and server) work if we use Netty 4.1.42.Final or above instead? Also what jars are needed for the Zookeeper Client? Thanks, Daniel
