ZOOKEEPER-3563: Update Netty to fix CVE-2019-16869
…E-2019-16869 on Netty
Updated netty to 4.1.42.Final to address CVE-2019-16869
Change-Id: Ia14d695815143cdfcda1d2efcc0d83211cb356dd
Author: Patrick Hunt <phunt@apache.org>
Reviewers: Enrico Olivelli <eolivelli@apache.org>, Norbert Kalmar <nkalmar@apache.org>, Brian Nixon <brian.nixon.cs@gmail.com
Closes #1102 from phunt/zk3563_br35
(cherry picked from commit 82b04e852aa46917274964d01565be931353248f)
Signed-off-by: Norbert Kalmar <nkalmar@apache.org>
diff --git a/build.xml b/build.xml
index 21ed6a1..edb3ace 100644
--- a/build.xml
+++ b/build.xml
@@ -37,7 +37,7 @@
<property name="audience-annotations.version" value="0.5.0" />
- <property name="netty.version" value="4.1.29.Final"/>
+ <property name="netty.version" value="4.1.42.Final"/>
<property name="junit.version" value="4.12"/>
<property name="mockito.version" value="2.27.0"/>
diff --git a/pom.xml b/pom.xml
index 891373f..068f211 100755
--- a/pom.xml
+++ b/pom.xml
@@ -278,7 +278,7 @@
<hamcrest.version>1.3</hamcrest.version>
<commons-cli.version>1.2</commons-cli.version>
<jetty.version>9.4.17.v20190418</jetty.version>
- <netty.version>4.1.29.Final</netty.version>
+ <netty.version>4.1.42.Final</netty.version>
<jackson.version>2.9.10</jackson.version>
<json.version>1.1.1</json.version>
<jline.version>2.11</jline.version>