Hi, We have a zk server running 3.4.6 version, that is really problematic to update, and currently we have the same zk client version which has CVE-2017-5637 vulnerability and generates alerts of our automatic SEC monitoring. We have really limited access to the server and can't update zk version on both server and client. But we can update client only. We will be able to perform some simple smoke testing of this set up, but I would like to ask if anybody did it before, or is there a confidence that this would work without problems. I am reviewing currently the changes from 3.4.6 till 3.4.10, but of course I can miss something.
Thanks in advance -- Sent from: http://zookeeper-user.578899.n2.nabble.com/