[NXP-32149] Upgrade grpc-netty-shaded to 1.57 - Nuxeo Issue Tracker

XML

Word

Printable

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 2021.0
Fix Version/s: 2021.46
Component/s: Security

Tags:
- SupCom
- noRNS
- nxplatform
Backlog priority:
900
Upgrade notes:
Hide

The following dependencies have been upgraded from 1.28.0 to 1.57.0:

<dependency> <groupId>io.grpc</groupId> <artifactId>grpc-auth</artifactId> </dependency> <dependency> <groupId>io.grpc</groupId> <artifactId>grpc-core</artifactId> </dependency> <dependency> <groupId>io.grpc</groupId> <artifactId>grpc-netty-shaded</artifactId> </dependency> <dependency> <groupId>io.grpc</groupId> <artifactId>grpc-stub</artifactId> </dependency>
Show
The following dependencies have been upgraded from 1.28.0 to 1.57.0: <dependency> <groupId>io.grpc</groupId> <artifactId>grpc-auth</artifactId> </dependency> <dependency> <groupId>io.grpc</groupId> <artifactId>grpc-core</artifactId> </dependency> <dependency> <groupId>io.grpc</groupId> <artifactId>grpc-netty-shaded</artifactId> </dependency> <dependency> <groupId>io.grpc</groupId> <artifactId>grpc-stub</artifactId> </dependency>
Sprint:
nxplatform #101
Story Points:
2

Description

In order to fix CVE-2022-41881 (and other CVE related to netty-codec-http or netty-codec, already upgraded), we need to upgrade grpc-netty-shaded to 1.57

Attachments

Issue Links

is related to

NXP-31656 Remove GCP Stackdriver metric and tracing reporter

Resolved

Activity

People

Assignee:

Antoine Taillefer

Reporter:

Thierry Martins

Participants:

Antoine Taillefer, Jenkins, Thierry Martins

Votes:

0 Vote for this issue

Watchers:

3 Start watching this issue

Dates

Created:

2023-11-06 16:28

Updated:

2023-11-27 10:49

Resolved:

2023-11-15 10:06