ZOOKEEPER-5056: Upgrade Netty to address CVE vulnerabilities#2406
Conversation
PDavid
left a comment
There was a problem hiding this comment.
Many thanks, this looks good to me. 👍
Disclaimer: I contributed to ZooKeeper but I'm not (yet) a ZooKeeper committer so I cannot merge your PR. You'll still need ZooKeeper committer approval.
|
Nit: This is the master branch which is the 3.10 version, not 3.9.5 version. So I'd maybe change the PR title to not have 3.9.5 in it. |
728a789 to
4e67ada
Compare
|
Hello @PDavid , I agree, so I changed the commit message to just state that we are upgrading netty. |
anmolnar
left a comment
There was a problem hiding this comment.
I think you also need to rename the license files in order to reflect the new Netty version.
Ah yes, they are under |
ba5cfb2 to
b966582
Compare
Reviewers: PDavid, anmolnar Author: BadreddineItani Closes #2406 from BadreddineItani/ZOOKEEPER-5056 (cherry picked from commit 5d6ad79) Signed-off-by: Andor Molnar <andor@cloudera.com>
Reviewers: PDavid, anmolnar Author: BadreddineItani Closes #2406 from BadreddineItani/ZOOKEEPER-5056 (cherry picked from commit 5d6ad79) Signed-off-by: Andor Molnar <andor@cloudera.com>
|
Merged to all active branches. Thanks @BadreddineItani and @PDavid ! |
Upgrade netty from version 4.1.130.Final to 4.1.135.Final
This will solve the following cve issues: