Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bump to Netty 4.1.100 for Rapid Reset Mitigation #675

Merged
merged 2 commits into from
Oct 12, 2023
Merged

bump to Netty 4.1.100 for Rapid Reset Mitigation #675

merged 2 commits into from
Oct 12, 2023

Conversation

SamBarker
Copy link
Member

Type of change

  • Bugfix

Description

bump to Netty 4.1.100 for Rapid Reset Mitigation

Additional Context

It seems simpler to bump and avoid issues with security scanners than to decide if the admin and metrics endpoints are actually un affected.

Checklist

Please go through this checklist and make sure all applicable tasks have been done

  • Write tests
  • Make sure all tests pass
  • Review performance test results. Ensure that any degradations to performance numbers are understood and justified.
  • Make sure all Sonar-Lint warnings are addressed or are justifiably ignored.
  • Update documentation
  • Reference relevant issue(s) and close them after merging
  • For user facing changes, update CHANGELOG.md (remember to include changes affecting the API of the test artefacts too).

@SamBarker
bump to Netty 4.1.100 for Rapid Reset Mitigation
a9ece2c 
Signed-off-by: Sam Barker <sbarker@redhat.com>
gracegrimwood
gracegrimwood approved these changes Oct 12, 2023
View reviewed changes
Copy link
Contributor

@gracegrimwood gracegrimwood left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It seems simpler to bump and avoid issues with security scanners than to decide if the admin and metrics endpoints are actually un affected.

That reasoning seems sound to me, and there don't appear to be any major changes in Netty 4.1.100.Final anyway (there aren't many changes at all, actually).

LGTM.

@sonarqubecloud
Copy link

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

@SamBarker SamBarker merged commit 53ad193 into kroxylicious:main Oct 12, 2023
@SamBarker SamBarker deleted the nettyBump branch October 12, 2023 02:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gracegrimwood gracegrimwood gracegrimwood approved these changes

Assignees
No one assigned
Labels
None yet
Projects
Kroxylicious
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@SamBarker @gracegrimwood