Upgrade Netty to 4.1.78.Final #26211
Labels
kind/enhancement
New feature or request
Milestone
Comments
|
We do plan to do this soon, but it needs to be tested with Vert.x |
|
cc @cescoffier |
|
We won't bump for now. We have found a graalvm bug that prevent native compilation. |
|
@cescoffier @geoand @dhoffer I was about to report a similar issue while reviewing the issues for Keycloak, when I found this ticket. The issue should be considered as low-impact considering that only Java 6, or below are impacted. More details here: https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-2812456 |
|
Yes, I am aware of the CVE, but let's say that Java 6 is slightly out of scope :-). |
|
Closed via #26294 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
We are getting security scan failures with the current Netty 4.1.74.Final, I see there is a 4.1.78.Final available. I have not verified they are fixed in 4.1.78.Final but seems Quarkus should always move to the latest service pack version to pickup bug fixes.
Implementation ideas
No response
The text was updated successfully, but these errors were encountered: