druid icon indicating copy to clipboard operation
druid copied to clipboard

Published 20 hours ago verified publisher icon apache

Deprecate Netty3 in Druid

Open AnmolSun opened this issue 1 year ago • 2 comments

Description

Druid still depends on Netty3 which has vulnerabilities, such as CVE-2023-44487. Certain downstream applications such as Hive are unable to completely remove the netty3 dependencies due to being dependent on druid. Please ref HIVE-25013. Druid should remove its dependency on Netty3.

AnmolSun avatar Jan 10 '24 05:01 AnmolSun