[jira] [Commented] (STORM-4078) Uplift Netty version to 4.1.112

Andrew Olson (Jira) Fri, 23 Aug 2024 10:24:28 -0700


    [ 
https://issues.apache.org/jira/browse/STORM-4078?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17876332#comment-17876332
 ]


Andrew Olson commented on STORM-4078:
-------------------------------------

Pull request: https://github.com/apache/storm/pull/3685

> Uplift Netty version to 4.1.112
> -------------------------------
>
>                 Key: STORM-4078
>                 URL: https://issues.apache.org/jira/browse/STORM-4078
>             Project: Apache Storm
>          Issue Type: Dependency upgrade
>          Components: storm-client, storm-server
>            Reporter: Andrew Olson
>            Priority: Major
>              Labels: dependency-upgrade
>             Fix For: 2.7.0
>
>
> Netty version {{4.1.107.Final}} is shaded into {{storm-shaded-deps}} (with 
> classes relocated to {{{}org/apache/storm/shade/io/netty{}}}). It now needs 
> to be uplifted to remediate 
> [CVE-2024-29025|https://nvd.nist.gov/vuln/detail/CVE-2024-29025]. The latest 
> available {{4.x}} release for Netty is {{{}4.1.112.Final{}}}.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (STORM-4078) Uplift Netty version to 4.1.112

Reply via email to