Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-15892

Upgrade Netty to 4.1.72.Final

    XMLWordPrintable

Details

    • Component Upgrade
    • Resolution: Done
    • Major
    • None
    • 24.0.1.Final
    • Clustering, JMS
    • None

    Description

      We are trying to address the CVE-2021-43797, netty-all-4.1.68.Final.jar

      The wildfly-26.0.0.Final still only ships netty-all-4.1.68.Final by default, so we need to upgrade it to 4.1.72.Final.

      The problem we are facing is that the netty-all-4.1.72.Final.jar doesn't come with all the dependencies of its sub-modules out of the box anymore.

      We are seeking suggestions/guidance on how to upgrade the Netty to 4.1.72.Final properly, and if possible, can you provide us a sample to include dependencies of sub-modules, adding netty-common for example?

      Also, is there a plan to address the CVE in the coming new release of WildFly?

      Thanks in advance. 

      Attachments

        Issue Links

          is incorporated by

          Bug - A problem that impairs or prevents the functions of the product. WFLY-15935 Artemis Journal module is missing a netty dependency

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Component Upgrade - A task tracking an update to a bundled component or revision of component upstream of the project. WFLY-15524 Upgrade netty from 4.1.68 to 4.1.72

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Activity

            People

              ehugonne1@redhat.com Emmanuel Hugonnet
              mqiu@temenos.com Ming Qiu (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: