[
https://issues.apache.org/jira/browse/ZOOKEEPER-4414?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Frederiko Costa updated ZOOKEEPER-4414:
---------------------------------------
Description:
Update Netty update to version 4.1.70.Final. To address the following CVE's:
* CVE-2021-37136
* Netty
codec/src/main/java/io/netty/handler/codec/compression/Lz4FrameEncoder.java
Lz4FrameEncoder::finishEncode() Function Buffer Overflow
* CVE-2021-37137
was:Update to also reflect recent Netty update to version 4.1.70.Final. See
[comment|https://github.com/apache/zookeeper/pull/1605#issuecomment-780793136]
> Update Netty to 4.1.70.Final
> ----------------------------
>
> Key: ZOOKEEPER-4414
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4414
> Project: ZooKeeper
> Issue Type: Task
> Components: build
> Reporter: Frederiko Costa
> Priority: Major
> Fix For: 3.5.10
>
>
> Update Netty update to version 4.1.70.Final. To address the following CVE's:
> * CVE-2021-37136
> * Netty
> codec/src/main/java/io/netty/handler/codec/compression/Lz4FrameEncoder.java
> Lz4FrameEncoder::finishEncode() Function Buffer Overflow
> * CVE-2021-37137
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
