[OAK-10076] Bump netty dependency from 4.1.68.Final to 4.1.86.Final - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Task
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 1.46.0, 1.22.14
Fix Version/s: 1.48.0, 1.22.15
Component/s: segment-tar
Labels:
- cold-standby
- vulnerability

Description

Vulnerabilities

CVE-2022-41881

A StackOverflowError can be raised when parsing a malformed crafted message due to an
infinite recursion.

https://github.com/netty/netty/security/advisories/GHSA-fx2c-96vj-985v

Attachments

Issue Links

links to

GitHub Pull Request #827

GitHub Pull Request #830

Activity

People

Assignee:: Andrei Dulceanu

Reporter:: Andrei Dulceanu

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 20/Jan/23 12:01

Updated:: 01/Feb/23 12:38

Resolved:: 23/Jan/23 12:26