[jira] [Commented] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx

Chesnay Schepler (Jira) Tue, 11 May 2021 03:07:18 -0700


    [ 
https://issues.apache.org/jira/browse/FLINK-22441?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17342467#comment-17342467
 ]


Chesnay Schepler commented on FLINK-22441:
------------------------------------------

Removing FLINK-20845 as a blocker because there are other alternatives (such as 
FLINK-18783) for bumping Akka independent of the user-facing scala version.

> In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There 
> are many vulnerabilities, like CVE-2021-21409 etc. please confirm these 
> version and fix. thx
> --------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: FLINK-22441
>                 URL: https://issues.apache.org/jira/browse/FLINK-22441
>             Project: Flink
>          Issue Type: Bug
>          Components: Runtime / Coordination
>    Affects Versions: 1.11.3, 1.12.2, 1.13.0
>            Reporter: 张健
>            Priority: Major
>
> In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There 
> are many vulnerabilities, like CVE-2021-21409 CVE-2021-21295 etc. please 
> confirm these version and fix. thx



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx

Reply via email to