Hui Yu created ARROW-16996:
------------------------------
Summary: [Java] Upgrade netty-codec dependencies
Key: ARROW-16996
URL: https://issues.apache.org/jira/browse/ARROW-16996
Project: Apache Arrow
Issue Type: Bug
Components: Java
Affects Versions: 8.0.0
Reporter: Hui Yu
Fix For: 9.0.0
[CVE-2022-24823](https://github.com/advisories/GHSA-269q-hmxg-m83q) reports a
security vulnerability for *netty-codec*
Now the version of jackson for the master branch of Arrow is
{*}4.1.72.Final{*}, that is unsafe.
Can you upgrade the version of this depenency ?
h4.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
