lhotari commented on issue #25387: URL: https://github.com/apache/pulsar/issues/25387#issuecomment-4109290910
It has been fixed by https://github.com/apache/pulsar/pull/23732 by upgrading to asynchttp client 2.12.4. You can see in https://github.com/advisories/GHSA-mfj5-cf8g-g2fv that 2.14.4 is a patched version. It seems that some security companies haven't accepted the fix. #25023 is pending to address that. We don't have a specific date when that is released. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
