Loading...

XML

Word

Printable

Type: Component Upgrade
Resolution: Done
Priority: Major
Fix Version/s: 22.0.1.Final, 23.0.0.Beta1, 23.0.0.Final
Affects Version/s: None
Component/s: Test Suite
Labels:
None

Git Pull Request:
https://github.com/wildfly/wildfly-core/pull/5714, https://github.com/wildfly/wildfly-core/pull/5715

In WildFly Core we use `io.netty` as a purely test suite dependency, it is not released with the project itself. That means the WildFly Core component is not affected by this CVE at all. The main upgrading motivation is just to help security scanners avoid flagging the project with this CVE.

https://github.com/netty/netty/releases/tag/netty-4.1.100.Final

Fixes https://access.redhat.com/security/cve/CVE-2023-44487

clones

WFLY-18625 CVE-2023-44487 Upgrade Netty to 4.1.100.Final

Closed

is cloned by

JBEAP-25861 CVE-2023-44487 Upgrade Netty to 4.1.100.Final (Test Only dependency)

Closed

Assignee:: Yeray Borges Santana

Reporter:: Yeray Borges Santana

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2023/10/11 4:40 PM

Updated:: 2024/01/25 4:55 PM

Resolved:: 2023/10/12 9:34 AM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates