Skip to content

[Security] Upgrade Netty to 4.1.63.Final to address CVE-2021-21409#10266

Merged
eolivelli merged 1 commit intoapache:masterfrom
lhotari:lh-upgrade-netty-4.1.63.Final
Apr 20, 2021
Merged

[Security] Upgrade Netty to 4.1.63.Final to address CVE-2021-21409#10266
eolivelli merged 1 commit intoapache:masterfrom
lhotari:lh-upgrade-netty-4.1.63.Final

Conversation

@lhotari
Copy link
Copy Markdown
Member

@lhotari lhotari commented Apr 19, 2021
edited
Loading

Motivation

Upgrade Netty to 4.1.63.Final to address CVE-2021-21409 .

Modifications

  • Upgrade Netty to 4.1.63.Final
  • Upgrade netty-tcnative-boringssl-static to 2.0.38.Final

@lhotari
Copy link
Copy Markdown
Member Author

lhotari commented Apr 19, 2021

/pulsarbot run-failure-checks

@codelipenghui codelipenghui added this to the 2.8.0 milestone Apr 19, 2021
eolivelli
eolivelli approved these changes Apr 20, 2021
View reviewed changes
Copy link
Copy Markdown
Contributor

@eolivelli eolivelli left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@eolivelli eolivelli merged commit 0b71b13 into apache:master Apr 20, 2021
@lhotari lhotari mentioned this pull request Apr 21, 2021
Closed
@sijie sijie mentioned this pull request Apr 21, 2021
Closed
@codelipenghui codelipenghui mentioned this pull request Jun 5, 2021
Merged
codelipenghui added a commit that referenced this pull request Jun 6, 2021
@codelipenghui
Rollback netty-tc-native version to 2.0.33.Final (#10833)
6e747ec 
Fixes #10798 
Related to: #10266

### Motivation

Rollback netty-tc-native version to 2.0.33.Final
lhotari added a commit to lhotari/pulsar that referenced this pull request Jun 11, 2021
@lhotari
Revert "[Security] Upgrade Netty to 4.1.63.Final (apache#10266)"
ac91ec5 
This reverts commit 0b71b13.
yangl pushed a commit to yangl/pulsar that referenced this pull request Jun 23, 2021
@codelipenghui @yangl
Rollback netty-tc-native version to 2.0.33.Final (apache#10833)
8ffefda 
Fixes apache#10798 
Related to: apache#10266

### Motivation

Rollback netty-tc-native version to 2.0.33.Final
ivankelly pushed a commit to ivankelly/pulsar that referenced this pull request Aug 10, 2021
@lhotari
[Security] Upgrade Netty to 4.1.63.Final (apache#10266)
df5de2b 
- addresses CVE-2021-21409
pkumar-singh pushed a commit to pkumar-singh/pulsar that referenced this pull request Aug 10, 2021
Revert "[Security] Upgrade Netty to 4.1.63.Final (apache#10266)"
1a6694c 
This reverts commit 0b71b13.
bharanic-dev pushed a commit to bharanic-dev/pulsar that referenced this pull request Mar 18, 2022
@codelipenghui @splunk-xingw
Rollback netty-tc-native version to 2.0.33.Final (apache#10833)
ad981cd 
Fixes apache#10798 
Related to: apache#10266

### Motivation

Rollback netty-tc-native version to 2.0.33.Final
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@eolivelli eolivelli eolivelli approved these changes

@codelipenghui codelipenghui codelipenghui approved these changes

Assignees

@lhotari lhotari

Labels

None yet

Projects

None yet

Milestone

2.8.0

Development

Successfully merging this pull request may close these issues.

3 participants

@lhotari @eolivelli @codelipenghui