[ARROW-16996] [Java] Upgrade netty-codec dependencies - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 8.0.0
Fix Version/s: 9.0.0
Component/s: Java
Labels:
- pull-request-available

External issue URL:
https://github.com/apache/arrow/issues/32310
Language:
- Java

Description

[CVE-2022-24823](https://github.com/advisories/GHSA-269q-hmxg-m83q) reports a security vulnerability for netty-codec

Now the version of netty-codec in the master branch is 4.1.72.Final, that is unsafe.

Can you upgrade the version of this depenency ?

Attachments

Issue Links

links to

GitHub Pull Request #13544

Sub-Tasks

1.

[Java][Doc]: Update documentation aligned to task of delete mac / linux netty-native profiles

Closed

David Dali Susanibar Arce

Activity

People

Assignee:: David Dali Susanibar Arce

Reporter:: Hui Yu

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 07/Jul/22 03:01

Updated:: 11/Jan/23 11:47

Resolved:: 08/Jul/22 20:31

Time Tracking

Estimated:

Not Specified

Remaining:

0h

Logged:

5h

Include sub-tasks