Donghyun Kim created HADOOP-18578:
-------------------------------------
Summary: Bump netty to the latest 4.1.86
Key: HADOOP-18578
URL: https://issues.apache.org/jira/browse/HADOOP-18578
Project: Hadoop Common
Issue Type: Task
Reporter: Donghyun Kim
Fix For: 3.4.0, 3.3.5, 3.2.5
Netty 4.1.86 fixes the following vulnerabilities.
* HAProxyMessageDecoder Stack Exhaustion DoS (CVE-2022-41881)
* HTTP Response splitting from assigning header value iterator (CVE-2022-41915)
For more details: https://netty.io/news/2022/12/12/4-1-86-Final.html
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
