[ https://issues.apache.org/jira/browse/ZOOKEEPER-4709?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17739380#comment-17739380 ]
Mate Szalay-Beko commented on ZOOKEEPER-4709: --------------------------------------------- I also pushed it to branch-3.7 > Upgrade Netty to 4.1.94.Final > ----------------------------- > > Key: ZOOKEEPER-4709 > URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4709 > Project: ZooKeeper > Issue Type: Improvement > Affects Versions: 3.7.1, 3.8.1 > Reporter: Fabio Buso > Priority: Major > Labels: dependency-upgrade, pull-request-available > Fix For: 3.9.0, 3.7.2, 3.8.2 > > Time Spent: 50m > Remaining Estimate: 0h > > [Netty 4.1.94|https://netty.io/news/2023/06/19/4-1-94-Final.html] includes > several improvements and bug fixes, including a resolution for > [CVE-2023-34462|https://github.com/netty/netty/security/advisories/GHSA-6mjq-h674-j845] > related to potential memory allocation vulnerabilities during a TLS > handshake with Server Name Indication. -- This message was sent by Atlassian Jira (v8.20.10#820010)