FYI branch 3.4 was recently patched with Netty 3.10 to address some of the security concerns as described in ZOOKEEPER-2423: Upgrade Netty version due to security vulnerability.
https://github.com/apache/zookeeper/commit/f0a49567d545bd6584cb8ece2d491dc6c65174f8 On Mon, Jun 6, 2016 at 1:38 PM, Hegde, Pallavi <[email protected]> wrote: > Hello, > We are currently facing some security issues with Zookeeper version 3.4.7 > & 3.4.8, since its bundled with very old version of Netty:jar, version > 3.7.0. > Could you address this issue in future Zookeeper releases by packaging it > with Netty.jar-4.0.27, or higher version of Netty:jar? I am sure this will > help many other issues including security violations. > > Thanks > Pallavi > > -- Cheers Michael.
