Skip to content

Bump due to security issues#313

Open
mthbernardes wants to merge 3 commits into
FundingCircle:masterfrom
mthbernardes:patch-1
Open

Bump due to security issues#313
mthbernardes wants to merge 3 commits into
FundingCircle:masterfrom
mthbernardes:patch-1

Conversation

@mthbernardes

@mthbernardes mthbernardes commented Jan 19, 2022

Copy link
Copy Markdown

Bump the following libs due to a security issue

Checklist

  • tests
  • updated CHANGELOG (the "unreleased" section)

Bump the following libs due to a security issue
- `io.netty/netty-codec-http` (CVE-2021-37136, CVE-2021-37137)
- `io.netty/netty-codec` (CVE-2021-43797)
@mthbernardes mthbernardes requested a review from a team as a code owner January 19, 2022 13:18
@cddr

cddr commented Jan 21, 2022

Copy link
Copy Markdown
Contributor

There's a whole bunch of netty related libraries that should possibly be kept in sync (see above/below the line you changed).

@mt3593

mt3593 commented Oct 12, 2022

Copy link
Copy Markdown

Any news on this? Looks like the netty libs have moved on further to worth bumping up again and getting a release cut

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants