[HBASE-25728] [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: thirdparty-3.5.1
Component/s: thirdparty
Labels:
None

Hadoop Flags:

Reviewed
Release Note:
Netty is upgrade to 4.1.63.Final due to security vulnerability CVE-2021-21295.

Description

We don't have a direct exposure to this vulnerability but vulnerability scanners aware of the CVE database may flag it.

Attachments

Issue Links

links to

GitHub Pull Request #48

Sub-Tasks

1.

Upgrade to latest hbase-thirdparty

Resolved

Andrew Kyle Purtell

Activity

People

Assignee:: Andrew Kyle Purtell

Reporter:: Andrew Kyle Purtell

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 02/Apr/21 18:09

Updated:: 02/Apr/21 18:34

Resolved:: 02/Apr/21 18:33