symat commented on PR #1866: URL: https://github.com/apache/zookeeper/pull/1866#issuecomment-1129118840
> this is the only CVE it finds and it is indeed fixed with netty update. hmm... but this PR is about jetty, not netty. So why do we want to upgrade jetty? Maybe I misunderstand something... @fu-turer , why do you think this CVE-2022-22965 is affecting ZooKeeper and how this is related to Jetty? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@zookeeper.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
