Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-15892

Upgrade Netty to 4.1.72.Final

XMLWordPrintable

    • Icon: Component Upgrade Component Upgrade
    • Resolution: Done
    • Icon: Major Major
    • None
    • 24.0.1.Final
    • Clustering, JMS
    • None

      We are trying to address the CVE-2021-43797, netty-all-4.1.68.Final.jar

      The wildfly-26.0.0.Final still only ships netty-all-4.1.68.Final by default, so we need to upgrade it to 4.1.72.Final.

      The problem we are facing is that the netty-all-4.1.72.Final.jar doesn't come with all the dependencies of its sub-modules out of the box anymore.

      We are seeking suggestions/guidance on how to upgrade the Netty to 4.1.72.Final properly, and if possible, can you provide us a sample to include dependencies of sub-modules, adding netty-common for example?

      Also, is there a plan to address the CVE in the coming new release of WildFly?

      Thanks in advance. 

              ehugonne1@redhat.com Emmanuel Hugonnet
              mqiu@temenos.com Ming Qiu (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: