[
https://issues.apache.org/jira/browse/HBASE-30202?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Yulia Buzlukova updated HBASE-30202:
------------------------------------
Description:
Update hbase-thirdparty netty version to 4.1.135.Final
This is a bug-fix release for the vulnerabilities from dependencies:
CVE-2026-44248
CVE-2026-42587
CVE-2026-42586
CVE-2026-42585
CVE-2026-42584
CVE-2026-42583
CVE-2026-42581
CVE-2026-42580
CVE-2026-42579
CVE-2026-42578
CVE-2026-41417
CVE-2026-33871
CVE-2026-33870
was:
Update hbase-thirdparty netty version to 4.1.128.Final
This is a bug-fix release for CVE-2025-59419
> [hbase-thirdparty] Bump netty4 to 4.1.135.Final
> -----------------------------------------------
>
> Key: HBASE-30202
> URL: https://issues.apache.org/jira/browse/HBASE-30202
> Project: HBase
> Issue Type: Bug
> Components: security, thirdparty
> Affects Versions: thirdparty-4.1.12
> Reporter: Yulia Buzlukova
> Priority: Trivial
> Labels: pull-request-available
> Original Estimate: 0h
> Remaining Estimate: 0h
>
> Update hbase-thirdparty netty version to 4.1.135.Final
> This is a bug-fix release for the vulnerabilities from dependencies:
> CVE-2026-44248
> CVE-2026-42587
> CVE-2026-42586
> CVE-2026-42585
> CVE-2026-42584
> CVE-2026-42583
> CVE-2026-42581
> CVE-2026-42580
> CVE-2026-42579
> CVE-2026-42578
> CVE-2026-41417
> CVE-2026-33871
> CVE-2026-33870
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
