[jira] [Created] (ZOOKEEPER-3716) upgrade netty 4.1.42 to address CVE-2019-20444 CVE-2019-20445

Patrick D. Hunt (Jira) Mon, 03 Feb 2020 11:06:34 -0800

Patrick D. Hunt created ZOOKEEPER-3716:
------------------------------------------


             Summary: upgrade netty 4.1.42 to address CVE-2019-20444 
CVE-2019-20445
                 Key: ZOOKEEPER-3716
                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3716
             Project: ZooKeeper
          Issue Type: Bug
          Components: security, server
    Affects Versions: 3.5.6, 3.6.0, 3.7.0
            Reporter: Patrick D. Hunt


OWASP dependency-check is failing 

upgrade netty 4.1.42 to address CVE-2019-20444 CVE-2019-20445

[ERROR] netty-transport-4.1.42.Final.jar: CVE-2019-20445, CVE-2019-20444

We need to upgrade to netty 4.1.45 (current latest) or later



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Created] (ZOOKEEPER-3716) upgrade netty 4.1.42 to address CVE-2019-20444 CVE-2019-20445

Reply via email to