[jira] [Commented] (OLINGO-1414) Dependency check fails on 4.7.0 : CVE-2019-16869 on Netty

mibo (Jira) Fri, 06 Dec 2019 12:50:25 -0800


    [ 
https://issues.apache.org/jira/browse/OLINGO-1414?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16990160#comment-16990160
 ]


mibo commented on OLINGO-1414:
------------------------------

Updated with [this 
commit|https://gitbox.apache.org/repos/asf?p=olingo-odata4.git;a=commit;h=356cdbd3d8b95b2aa7bbc7b3114516c3c2eb30ce].

> Dependency check fails on 4.7.0 : CVE-2019-16869 on Netty
> ---------------------------------------------------------
>
>                 Key: OLINGO-1414
>                 URL: https://issues.apache.org/jira/browse/OLINGO-1414
>             Project: Olingo
>          Issue Type: Improvement
>    Affects Versions: (Java) V4 4.7.0
>            Reporter: Hans Pikkemaat
>            Assignee: mibo
>            Priority: Blocker
>              Labels: security
>         Attachments: 
> 0001-OLINGO-1414-Update-to-netty-4.1.42.Final-to-prevent-.patch
>
>
> In release 4.7.0 Netty 4.1.39.Final is used.
> This contains a vulnerability : 
> [CVE-2019-16869|https://nvd.nist.gov/vuln/detail/CVE-2019-16869]
> This issues has been solved in 4.1.42.Final
>  
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (OLINGO-1414) Dependency check fails on 4.7.0 : CVE-2019-16869 on Netty

Reply via email to