Andrew Kyle Purtell created HBASE-28178:
-------------------------------------------
Summary: Upgrade ZooKeeper on all branches for CVE-2023-44981
Key: HBASE-28178
URL: https://issues.apache.org/jira/browse/HBASE-28178
Project: HBase
Issue Type: Task
Reporter: Andrew Kyle Purtell
Assignee: Andrew Kyle Purtell
Fix For: 2.6.0, 2.4.18, 3.0.0-beta-1, 4.0.0-alpha-1, 2.5.7
CVE-2023-44981 is a high scoring (9.1/10) authorization bypass vulnerability in
ZooKeeper related to SASL quorum authentication. The bug is fixed in versions
3.7.2, 3.8.3, and 3.9.1.
Upgrade ZK versions on all active branches. At least 3.7.2.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
