Skip to content

Commit d2da301

Browse files
mergify[bot]mergify[bot]
authored
[BugFix] Fix Netty security vulnerabilities (backport #64142) (#64261)
Signed-off-by: Murphy <[email protected]>
1 parent d7985dc commit d2da301

File tree

6 files changed

+24
-4
lines changed

6 files changed

+24
-4
lines changed

.gitignore

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -90,3 +90,19 @@ be/tags
9090
build/
9191
cmake-build-debug/
9292
CMakeLists.txt
93+
.claude
94+
CLAUDE.md
95+
.clangd
96+
.cursor/
97+
98+
99+
!build-mac/CMakeLists.txt
100+
# build-mac generated files
101+
build-mac/.ninja_deps
102+
build-mac/.ninja_lock
103+
build-mac/.ninja_log
104+
build-mac/CMakeCache.txt
105+
build-mac/CMakeFiles/
106+
build-mac/build.ninja
107+
build-mac/build_version.cc
108+
build-mac/cmake_install.cmake

.trivyignore

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,4 @@
1+
# https://avd.aquasec.com/nvd/cve-2025-52999
2+
# ignore it for now, tracking it in https://github.com/StarRocks/starrocks/issues/60549
3+
CVE-2025-52999
4+
CVE-2025-55163

fe/build.gradle.kts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -59,7 +59,7 @@ subprojects {
5959
set("hive-apache.version", "3.1.2-22")
6060
set("hudi.version", "1.0.2")
6161
set("iceberg.version", "1.9.0")
62-
set("io.netty.version", "4.1.125.Final")
62+
set("io.netty.version", "4.1.128.Final")
6363
set("jackson.version", "2.15.2")
6464
set("jetty.version", "9.4.57.v20241219")
6565
set("jprotobuf-starrocks.version", "1.0.0")

fe/pom.xml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -61,7 +61,7 @@ under the License.
6161
<kafka-clients.version>3.4.0</kafka-clients.version>
6262
<arrow.version>18.0.0</arrow.version>
6363
<grpc.version>1.63.0</grpc.version>
64-
<io.netty.version>4.1.125.Final</io.netty.version>
64+
<io.netty.version>4.1.128.Final</io.netty.version>
6565
<puppycrawl.version>10.21.1</puppycrawl.version>
6666
<aws-v2-sdk.version>2.29.52</aws-v2-sdk.version>
6767
<avro.version>1.12.0</avro.version>

fs_brokers/apache_hdfs_broker/src/pom.xml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -50,7 +50,7 @@ under the License.
5050
<jackson.version>2.15.2</jackson.version>
5151
<avro.version>1.11.4</avro.version>
5252
<jetty.version>9.4.57.v20241219</jetty.version>
53-
<io.netty.version>4.1.125.Final</io.netty.version>
53+
<io.netty.version>4.1.128.Final</io.netty.version>
5454
</properties>
5555

5656
<profiles>

java-extensions/pom.xml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -41,7 +41,7 @@
4141
<jni-connector.version>1.0.0</jni-connector.version>
4242
<hadoop-ext.version>1.0.0</hadoop-ext.version>
4343
<java-utils.version>1.0.0</java-utils.version>
44-
<io.netty.version>4.1.125.Final</io.netty.version>
44+
<io.netty.version>4.1.128.Final</io.netty.version>
4545
<protobuf-java.version>3.25.5</protobuf-java.version>
4646
<nimbusds.version>9.37.2</nimbusds.version>
4747
<commons-io.version>2.14.0</commons-io.version>

0 commit comments

Comments
 (0)