Issue2828

classification
Title: Upgrade netty from 4.1.24
Type: security Severity: normal
Components: Library Versions: Jython 2.7.2
Milestone: Jython 2.7.2
process
Status: open Resolution:
Dependencies: Superseder:
Assigned To: Nosy List: jeff.allen
Priority: normal Keywords:

Created on 2019-11-06.20:36:19 by jeff.allen, last changed 2019-11-06.20:36:19 by jeff.allen.

Messages
msg12764 (view) Author: Jeff Allen (jeff.allen) Date: 2019-11-06.20:36:19
We bundle Netty version 4.1.24.Final since 2.7.1, affected by https://nvd.nist.gov/vuln/detail/CVE-2019-16869  At the time of writing, 4.1.43 seems to be current.

https://mvnrepository.com/artifact/io.netty

(Reported by BenoƮt Cantin.)
History
Date User Action Args
2019-11-06 20:36:20jeff.allencreate