[jira] [Created] (ZOOKEEPER-4462) Upgrade Netty TCNative to 2.0.48

Enrico Olivelli (Jira) Sun, 30 Jan 2022 04:45:06 -0800

Enrico Olivelli created ZOOKEEPER-4462:
------------------------------------------


             Summary: Upgrade Netty TCNative to 2.0.48
                 Key: ZOOKEEPER-4462
                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4462
             Project: ZooKeeper
          Issue Type: Improvement
            Reporter: Enrico Olivelli


The OWASP checker fails m we should upgrade to the latest version

[|https://ci-hadoop.apache.org/blue/organizations/jenkins/zookeeper-multi-branch-owasp/detail/master/162/pipeline#step-35-log-562]
{code:java}
[2022-01-28T09:07:39.858Z] One or more dependencies were identified with known 
vulnerabilities in Apache ZooKeeper - Server: 


[2022-01-28T09:07:39.859Z] netty-tcnative-classes-2.0.46.Final.jar 
(pkg:maven/io.netty/netty-tcnative-classes@2.0.46.Final, 
cpe:2.3:a:netty:netty:2.0.46:*:*:*:*:*:*:*) : CVE-2014-3488, CVE-2015-2156, 
CVE-2019-16869, CVE-2019-20444, CVE-2019-20445, CVE-2021-21290, CVE-2021-21295, 
CVE-2021-21409, CVE-2021-37136, CVE-2021-37137, CVE-2021-43797{code}
 
 


[|https://ci-hadoop.apache.org/blue/organizations/jenkins/zookeeper-multi-branch-owasp/detail/master/162/pipeline#step-35-log-565][2022-01-28T09:07:39.859Z]
 
 



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Created] (ZOOKEEPER-4462) Upgrade Netty TCNative to 2.0.48

Reply via email to