Hi Swathi,
In this case the PR reviews happened on a private repo because the CVE
wasn't public at that time. On the 3.3 branches you can look at/cherry-pick
commits 015d7aede6cbd350d56d75006930dd2bf89a4a5a and
b2b928338c7226b41a73786df27a2127eaa32ab2.
Kind regards,
Tom
On Mon, 26 Sept 2022
https://issues.apache.org/jira/browse/KAFKA-14063?focusedCommentId=17608137=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel#comment-17608137
On Mon, Sep 26, 2022 at 7:42 PM Swathi Mocharla
wrote:
>
> Hi,
> CVE: https://nvd.nist.gov/vuln/detail/CVE-2022-34917
> Could you please
Hi,
CVE: https://nvd.nist.gov/vuln/detail/CVE-2022-34917
Could you please help with the PR that fixed this vulnerability? We are
looking to apply the patch that fixes this and we are unable to find it.
Thanks,
Swathi
