Skip to content

ZOOKEEPER-5056: Upgrade Netty to address CVE vulnerabilities#2406

Merged
anmolnar merged 2 commits into
apache:masterfrom
BadreddineItani:ZOOKEEPER-5056
Jul 17, 2026
Merged

ZOOKEEPER-5056: Upgrade Netty to address CVE vulnerabilities#2406
anmolnar merged 2 commits into
apache:masterfrom
BadreddineItani:ZOOKEEPER-5056

Conversation

@PDavid PDavid left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Many thanks, this looks good to me. 👍

Disclaimer: I contributed to ZooKeeper but I'm not (yet) a ZooKeeper committer so I cannot merge your PR. You'll still need ZooKeeper committer approval.

@PDavid

PDavid commented Jun 23, 2026

Copy link
Copy Markdown
Contributor

Nit: This is the master branch which is the 3.10 version, not 3.9.5 version. So I'd maybe change the PR title to not have 3.9.5 in it.

@BadreddineItani BadreddineItani changed the title ZOOKEEPER-5056: Netty CVE vulnerabilities in zookeeper 3.9.5 ZOOKEEPER-5056: Upgrade Netty to address CVE vulnerabilities Jun 23, 2026
@BadreddineItani

BadreddineItani commented Jun 23, 2026

Copy link
Copy Markdown
Contributor Author

Hello @PDavid ,

I agree, so I changed the commit message to just state that we are upgrading netty.

@anmolnar anmolnar left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think you also need to rename the license files in order to reflect the new Netty version.

@PDavid

PDavid commented Jun 24, 2026

Copy link
Copy Markdown
Contributor

I think you also need to rename the license files in order to reflect the new Netty version.

Ah yes, they are under src/main/resources/lib.

@anmolnar anmolnar left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm.

@anmolnar
anmolnar merged commit 5d6ad79 into apache:master Jul 17, 2026
17 checks passed
asf-gitbox-commits pushed a commit that referenced this pull request Jul 17, 2026
Reviewers: PDavid, anmolnar
Author: BadreddineItani
Closes #2406 from BadreddineItani/ZOOKEEPER-5056

(cherry picked from commit 5d6ad79)
Signed-off-by: Andor Molnar <andor@cloudera.com>
asf-gitbox-commits pushed a commit that referenced this pull request Jul 17, 2026
Reviewers: PDavid, anmolnar
Author: BadreddineItani
Closes #2406 from BadreddineItani/ZOOKEEPER-5056

(cherry picked from commit 5d6ad79)
Signed-off-by: Andor Molnar <andor@cloudera.com>
@anmolnar

Copy link
Copy Markdown
Contributor

Merged to all active branches. Thanks @BadreddineItani and @PDavid !

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants