Loading...

XML

Word

Printable

Type: Task
Resolution: Unresolved
Priority: Critical
Fix Version/s: EAP-XP-5.0 Update 4
Affects Version/s: None
Component/s: MP Reactive Messaging
Labels:
None

Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
CDW pm_ack:
CDW release:
Target Release:

EAP-XP-5.0.z.GA
Intelligence Requested:
Market:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

XP5 uses "kafka-clients" version 3.7.1.redhat-00001 which has lz4-java 1.8.0.redhat-00010 [1] as dependency. This version of lz4-java contains CVE-2025-66566 and we need to update it (~~JBEAP-31646~~).

[1] https://indy.corp.redhat.com/api/content/maven/hosted/pnc-builds/org/apache/kafka/kafka-clients/3.7.1.redhat-00001/kafka-clients-3.7.1.redhat-00001.pom

clones

JBEAP-31754 (xp-6.0.z) Update kafka-clients dependency lz4-java to version 1.10.1.rhel8-redhat-00001

Resolved

is incorporated by

JBEAP-31760 (xp-5.0.x) Update kafka-clients from 3.7.1.redhat-00001 to ...

Assignee:: Kabir Khan

Reporter:: Ivo Studensky

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2026/01/06 1:18 PM

Updated:: 2026/01/06 1:23 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates