[KUDU-3492] Netty CVE CVE-2023-34462 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 1.16.0
Fix Version/s: 1.17.0, 1.16.1
Component/s: None
Labels:
None

Description

Netty was upgraded to 4.1.84.Final (https://github.com/apache/kudu/commit/892bda293f238fddec47423d5c0b5be9576581f1) but this still has known CVEs:

CVE-2022-41881 (fixed in 4.1.86.Final)
CVE-2023-34462 (fixed in 4.1.94.Final)

Please update to at least 4.1.94.Final.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Colm O hEigeartaigh

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 19/Jul/23 09:41

Updated:: 26/Jul/23 00:30

Resolved:: 26/Jul/23 00:29