[
https://issues.apache.org/jira/browse/TEZ-4494?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sercan Tekin updated TEZ-4494:
------------------------------
Description:
Current netty version in the project has high score CVE -
[https://nvd.nist.gov/vuln/detail/CVE-2022-41881]
The netty version should be upgraded at least version 4.1.86.Final. The latest
version as of now is 4.1.93.Final.
was:
Current netty version in the project has high score CVE -
[https://nvd.nist.gov/vuln/detail/CVE-2022-41881]
The netty version should be upgraded at least version 4.1.86.Final. the latest
version as of now is 4.1.93.Final.
> Addressing CVE-2022-41881 - Netty vulnerability
> -----------------------------------------------
>
> Key: TEZ-4494
> URL: https://issues.apache.org/jira/browse/TEZ-4494
> Project: Apache Tez
> Issue Type: Bug
> Affects Versions: 0.10.2
> Reporter: Sercan Tekin
> Priority: Major
> Labels: netty, security, vulnerabilities
> Fix For: 0.10.3
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> Current netty version in the project has high score CVE -
> [https://nvd.nist.gov/vuln/detail/CVE-2022-41881]
> The netty version should be upgraded at least version 4.1.86.Final. The
> latest version as of now is 4.1.93.Final.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
