[ https://issues.apache.org/jira/browse/FLINK-21019?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dian Fu updated FLINK-21019: ---------------------------- Summary: Bump Netty 4 to 4.1.46 (was: Bump Netty 4 to 4.1.58) > Bump Netty 4 to 4.1.46 > ---------------------- > > Key: FLINK-21019 > URL: https://issues.apache.org/jira/browse/FLINK-21019 > Project: Flink > Issue Type: Improvement > Components: API / Python, Connectors / Cassandra, Connectors / > ElasticSearch, Connectors / HBase > Reporter: Dian Fu > Assignee: Huang Xingbo > Priority: Major > Labels: pull-request-available > Fix For: 1.13.0 > > > Our current Netty version (4.1.44) is vulnerable for at least this CVE: > [https://nvd.nist.gov/vuln/detail/CVE-2020-11612] > Bumping to 4.1.46+ should solve it. -- This message was sent by Atlassian Jira (v8.3.4#803005)