Uploaded image for project: 'ZooKeeper'
  1. ZooKeeper
  2. ZOOKEEPER-4462

Upgrade Netty TCNative to 2.0.48

    XMLWordPrintableJSON

Details

    Description

      The OWASP checker fails m we should upgrade to the latest version

      https://ci-hadoop.apache.org/blue/organizations/jenkins/zookeeper-multi-branch-owasp/detail/master/162/pipeline#step-35-log-562

      [2022-01-28T09:07:39.858Z] One or more dependencies were identified with known vulnerabilities in Apache ZooKeeper - Server: 
      
      
      [2022-01-28T09:07:39.859Z] netty-tcnative-classes-2.0.46.Final.jar (pkg:maven/io.netty/netty-tcnative-classes@2.0.46.Final, cpe:2.3:a:netty:netty:2.0.46:*:*:*:*:*:*:*) : CVE-2014-3488, CVE-2015-2156, CVE-2019-16869, CVE-2019-20444, CVE-2019-20445, CVE-2021-21290, CVE-2021-21295, CVE-2021-21409, CVE-2021-37136, CVE-2021-37137, CVE-2021-43797

       
       

      https://ci-hadoop.apache.org/blue/organizations/jenkins/zookeeper-multi-branch-owasp/detail/master/162/pipeline#step-35-log-565[2022-01-28T09:07:39.859Z]
       

      Attachments

        Issue Links

          Activity

            People

              eolivelli Enrico Olivelli
              eolivelli Enrico Olivelli
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 50m
                  50m