Uploaded image for project: 'ZooKeeper'
  1. ZooKeeper
  2. ZOOKEEPER-4209

Update Netty version to 4.1.53.Final on 3.5 branch

VotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.5.9
    • Fix Version/s: 3.5.10, 3.6.3, 3.7.0, 3.8.0
    • Component/s: None
    • Environment:

      It appears this is an issue that affects all versions, as this has only been address on netty 4.1.53.Final, which hasn't been up-taken yet (last upgrade afaict was 4.1.50.Final)

      Description

      Zookeeper 3.5.9 upgraded netty to 4.1.50.Final. Would like to uptake netty 4.1.53.Final which addressed the vulnerability described at https://snyk.io/vuln/SNYK-JAVA-IONETTY-1020439

       

        Attachments

          Activity

            People

            • Assignee:
              sbridges Sean Bridges
              Reporter:
              frederikoc Frederiko Costa

              Dates

              • Created:
                Updated:
                Resolved:

                Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0h
                0h
                Logged:
                Time Spent - 4h
                4h

                  Issue deployment