[jira] [Created] (HADOOP-18578) Bump netty to the latest 4.1.86

Donghyun Kim (Jira) Thu, 15 Dec 2022 23:21:03 -0800

Donghyun Kim created HADOOP-18578:
-------------------------------------

             Summary: Bump netty to the latest 4.1.86
                 Key: HADOOP-18578
                 URL: https://issues.apache.org/jira/browse/HADOOP-18578
             Project: Hadoop Common
          Issue Type: Task
            Reporter: Donghyun Kim
             Fix For: 3.4.0, 3.3.5, 3.2.5



Netty 4.1.86 fixes the following vulnerabilities.
 * HAProxyMessageDecoder Stack Exhaustion DoS (CVE-2022-41881)
 * HTTP Response splitting from assigning header value iterator (CVE-2022-41915)

For more details: https://netty.io/news/2022/12/12/4-1-86-Final.html



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-dev-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-dev-h...@hadoop.apache.org

[jira] [Created] (HADOOP-18578) Bump netty to the latest 4.1.86

Reply via email to