Uploaded image for project: 'Kafka'
  1. Kafka
  2. KAFKA-15319

Upgrade rocksdb to fix CVE-2022-37434

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Critical
    • Resolution: Fixed
    • 3.4.1
    • 3.6.0, 3.5.2
    • streams
    • None

    Description

      Rocksdbjni<7.9.2 is vulnerable to CVE-2022-37434 due to zlib 1.2.12

      Upgrade to 1.2.13 to fix 

      https://github.com/facebook/rocksdb/commit/0993c9225f8086bab6c4c0a2d7206897d1cc688c

      Attachments

        1. compat_report.html.zip
          8 kB
          lbrutschy

        Issue Links

          links to

          Web Link GitHub Pull Request #14216

          Activity

            People

              lucasbru Lucas Brutschy
              todo Maruthi
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: