[zookeeper] branch branch-3.6 updated: ZOOKEEPER-3794: upgrade netty to address CVE-2020-11612

eolivelli Wed, 15 Apr 2020 02:45:29 -0700

This is an automated email from the ASF dual-hosted git repository.

eolivelli pushed a commit to branch branch-3.6
in repository https://gitbox.apache.org/repos/asf/zookeeper.git



The following commit(s) were added to refs/heads/branch-3.6 by this push:
     new 8a8ec3d  ZOOKEEPER-3794: upgrade netty to address CVE-2020-11612
8a8ec3d is described below

commit 8a8ec3d55c9aac4266a2e60000a91df8606525cb
Author: Patrick Hunt <[email protected]>
AuthorDate: Wed Apr 15 11:44:17 2020 +0200

    ZOOKEEPER-3794: upgrade netty to address CVE-2020-11612
    
    Latest owasp runs are flagging this. Simple upgrade to the current latest 
version of netty 4.1.x codeline.
    
    Change-Id: I3defe8a731a2bf22abbd154e7d51054cb62aaa64
    
    Author: Patrick Hunt <[email protected]>
    
    Reviewers: Enrico Olivelli <[email protected]>
    
    Closes #1319 from phunt/ZOOKEEPER-3794
    
    (cherry picked from commit 8a1e0b3643d85ffa362207880095e08f1dbc47da)
    Signed-off-by: Enrico Olivelli <[email protected]>
---
 pom.xml                                                                 | 2 +-
 ...n-4.1.45.Final.LICENSE.txt => netty-buffer-4.1.48.Final.LICENSE.txt} | 0
 ...ll-4.1.45.Final.LICENSE.txt => netty-codec-4.1.49.Final.LICENSE.txt} | 0
 ...t-4.1.45.Final.LICENSE.txt => netty-common-4.1.48.Final.LICENSE.txt} | 0
 ...-4.1.45.Final.LICENSE.txt => netty-handler-4.1.48.Final.LICENSE.txt} | 0
 ...4.1.45.Final.LICENSE.txt => netty-resolver-4.1.48.Final.LICENSE.txt} | 0
 ....1.45.Final.LICENSE.txt => netty-transport-4.1.48.Final.LICENSE.txt} | 0
 ...ICENSE.txt => netty-transport-native-epoll-4.1.48.Final.LICENSE.txt} | 0
 ....txt => netty-transport-native-unix-common-4.1.48.Final.LICENSE.txt} | 0
 9 files changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 2e66d88..39e01b0 100755
--- a/pom.xml
+++ b/pom.xml
@@ -353,7 +353,7 @@
     <mockito.version>2.27.0</mockito.version>
     <hamcrest.version>1.3</hamcrest.version>
     <commons-cli.version>1.2</commons-cli.version>
-    <netty.version>4.1.45.Final</netty.version>
+    <netty.version>4.1.48.Final</netty.version>
     <jetty.version>9.4.24.v20191120</jetty.version>
     <jackson.version>2.10.3</jackson.version>
     <json.version>1.1.1</json.version>
diff --git 
a/zookeeper-server/src/main/resources/lib/netty-transport-native-unix-common-4.1.45.Final.LICENSE.txt
 b/zookeeper-server/src/main/resources/lib/netty-buffer-4.1.48.Final.LICENSE.txt
similarity index 100%
rename from 
zookeeper-server/src/main/resources/lib/netty-transport-native-unix-common-4.1.45.Final.LICENSE.txt
rename to 
zookeeper-server/src/main/resources/lib/netty-buffer-4.1.48.Final.LICENSE.txt
diff --git 
a/zookeeper-server/src/main/resources/lib/netty-transport-native-epoll-4.1.45.Final.LICENSE.txt
 b/zookeeper-server/src/main/resources/lib/netty-codec-4.1.49.Final.LICENSE.txt
similarity index 100%
rename from 
zookeeper-server/src/main/resources/lib/netty-transport-native-epoll-4.1.45.Final.LICENSE.txt
rename to 
zookeeper-server/src/main/resources/lib/netty-codec-4.1.49.Final.LICENSE.txt
diff --git 
a/zookeeper-server/src/main/resources/lib/netty-transport-4.1.45.Final.LICENSE.txt
 b/zookeeper-server/src/main/resources/lib/netty-common-4.1.48.Final.LICENSE.txt
similarity index 100%
rename from 
zookeeper-server/src/main/resources/lib/netty-transport-4.1.45.Final.LICENSE.txt
rename to 
zookeeper-server/src/main/resources/lib/netty-common-4.1.48.Final.LICENSE.txt
diff --git 
a/zookeeper-server/src/main/resources/lib/netty-resolver-4.1.45.Final.LICENSE.txt
 
b/zookeeper-server/src/main/resources/lib/netty-handler-4.1.48.Final.LICENSE.txt
similarity index 100%
rename from 
zookeeper-server/src/main/resources/lib/netty-resolver-4.1.45.Final.LICENSE.txt
rename to 
zookeeper-server/src/main/resources/lib/netty-handler-4.1.48.Final.LICENSE.txt
diff --git 
a/zookeeper-server/src/main/resources/lib/netty-handler-4.1.45.Final.LICENSE.txt
 
b/zookeeper-server/src/main/resources/lib/netty-resolver-4.1.48.Final.LICENSE.txt
similarity index 100%
rename from 
zookeeper-server/src/main/resources/lib/netty-handler-4.1.45.Final.LICENSE.txt
rename to 
zookeeper-server/src/main/resources/lib/netty-resolver-4.1.48.Final.LICENSE.txt
diff --git 
a/zookeeper-server/src/main/resources/lib/netty-common-4.1.45.Final.LICENSE.txt 
b/zookeeper-server/src/main/resources/lib/netty-transport-4.1.48.Final.LICENSE.txt
similarity index 100%
rename from 
zookeeper-server/src/main/resources/lib/netty-common-4.1.45.Final.LICENSE.txt
rename to 
zookeeper-server/src/main/resources/lib/netty-transport-4.1.48.Final.LICENSE.txt
diff --git 
a/zookeeper-server/src/main/resources/lib/netty-codec-4.1.45.Final.LICENSE.txt 
b/zookeeper-server/src/main/resources/lib/netty-transport-native-epoll-4.1.48.Final.LICENSE.txt
similarity index 100%
rename from 
zookeeper-server/src/main/resources/lib/netty-codec-4.1.45.Final.LICENSE.txt
rename to 
zookeeper-server/src/main/resources/lib/netty-transport-native-epoll-4.1.48.Final.LICENSE.txt
diff --git 
a/zookeeper-server/src/main/resources/lib/netty-buffer-4.1.45.Final.LICENSE.txt 
b/zookeeper-server/src/main/resources/lib/netty-transport-native-unix-common-4.1.48.Final.LICENSE.txt
similarity index 100%
rename from 
zookeeper-server/src/main/resources/lib/netty-buffer-4.1.45.Final.LICENSE.txt
rename to 
zookeeper-server/src/main/resources/lib/netty-transport-native-unix-common-4.1.48.Final.LICENSE.txt

[zookeeper] branch branch-3.6 updated: ZOOKEEPER-3794: upgrade netty to address CVE-2020-11612

Reply via email to