[Jython-bugs] [issue2828] Upgrade netty from 4.1.24

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

New submission from Jeff Allen <ja...@fa...>:

We bundle Netty version 4.1.24.Final since 2.7.1, affected by https://nvd.nist.gov/vuln/detail/CVE-2019-16869  At the time of writing, 4.1.43 seems to be current.

https://mvnrepository.com/artifact/io.netty

(Reported by Benoît Cantin.)

----------
components: Library
messages: 12764
milestone: Jython 2.7.2
nosy: jeff.allen
priority: normal
severity: normal
status: open
title: Upgrade netty from 4.1.24
type: security
versions: Jython 2.7.2

_______________________________________
Jython tracker <re...@bu...>
<https://bugs.jython.org/issue2828>
_______________________________________