Skip to content
This repository has been archived by the owner on Apr 1, 2024. It is now read-only.

ISSUE-9249: Upgrade Netty dependency in broker to solve vulnerabilities: CVE-2019-16869, CVE-2020-11612, CVE-2019-20445, CVE-2019-20444 #2039

Open
sijie opened this issue Jan 20, 2021 · 0 comments
Open

ISSUE-9249: Upgrade Netty dependency in broker to solve vulnerabilities: CVE-2019-16869, CVE-2020-11612, CVE-2019-20445, CVE-2019-20444 #2039

sijie opened this issue Jan 20, 2021 · 0 comments
Labels
lifecycle/stale Stale type/enhancement type/improvement

Comments

@sijie
Copy link
Member

sijie commented Jan 20, 2021

Original Issue: apache#9249

Version of Netty (4.1.32) used inside Apache Pulsar Broker (at least 2.7.0) is affected by following high risk vulnerabilities: CVE-2019-16869, CVE-2020-11612, CVE-2019-20445, CVE-2019-20444.

All these vulnerabilities are solved in Netty 4.1.46.Final.

Describe the solution you'd like
A clear and concise description of what you want to happen.

Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.

Additional context
Add any other context or screenshots about the feature request here.
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
lifecycle/stale Stale type/enhancement type/improvement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@sijie