Alexey Serbin has uploaded this change for review. ( http://gerrit.cloudera.org:8080/21464
Change subject: KUDU-3581: upgrade Netty to 4.1.110.Final ...................................................................... KUDU-3581: upgrade Netty to 4.1.110.Final Even if Kudu doesn't use anything from Netty at its server side and is not affected by the HTTP/2 rapid reset issue, it makes sense to upgrade the Netty package used by the Kudu Java client library to include the fix for well-known CVE [1]. It would be enough to upgrade up to 4.1.100.Final, but I took the liberty of upgrading up to the latest available 4.1.110.Final version. [1] https://www.cve.org/CVERecord?id=CVE-2023-44487 Change-Id: I6e2ad686374b06d7b8cb28a7a456c21977b95ea8 --- M java/gradle/dependencies.gradle 1 file changed, 1 insertion(+), 1 deletion(-) git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/64/21464/1 -- To view, visit http://gerrit.cloudera.org:8080/21464 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: newchange Gerrit-Change-Id: I6e2ad686374b06d7b8cb28a7a456c21977b95ea8 Gerrit-Change-Number: 21464 Gerrit-PatchSet: 1 Gerrit-Owner: Alexey Serbin <[email protected]>
