Uploaded image for project: 'ZooKeeper'
  1. ZooKeeper
  2. ZOOKEEPER-4242

Upgrade Netty library to > 4.1.59 due to security vulnerability

    XMLWordPrintableJSON

Details

    • Task
    • Status: Open
    • Major
    • Resolution: Unresolved
    • 3.6.1, 3.5.8, 3.6.2
    • None
    • security
    • None

    Description

      The latest version of Zookeeper (3.6.2) uses Netty 4.1.50.Final, which contains a security vulnerability CVE-2021-21290 (https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-21290).  This was fixed in Netty 4.1.59 and the latest is 4.1.60.  Zookeeper needs to be updated to use the newest Netty version to eliminate this security vulnerability.

      Attachments

        Activity

          People

            Unassigned Unassigned
            boojapho Boojapho
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated: