Colm O hEigeartaigh created KUDU-3492:
-----------------------------------------
Summary: Netty CVE CVE-2023-34462
Key: KUDU-3492
URL: https://issues.apache.org/jira/browse/KUDU-3492
Project: Kudu
Issue Type: Bug
Affects Versions: 1.16.0
Reporter: Colm O hEigeartaigh
Fix For: 1.17.0, 1.16.1
Netty was upgraded to 4.1.84.Final
([https://github.com/apache/kudu/commit/892bda293f238fddec47423d5c0b5be9576581f1)]
but this still has known CVEs:
* CVE-2022-41881 (fixed in 4.1.86.Final)
* CVE-2023-34462 (fixed in 4.1.94.Final)
Please update to at least 4.1.94.Final.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
