cruise-control icon indicating copy to clipboard operation
cruise-control copied to clipboard

Published 20 hours ago verified publisher icon linkedin

CVE-2023-34455 - Upgrade Kafka client to 3.5.1

Open cesaroangelo opened this issue 1 year ago • 2 comments

Kafka 3.5.1 fixes CVE-2023-34455 - Kafka CLIENTS USING SNAPPY COMPRESSION MAY CAUSE OUT OF MEMORY ERROR ON BROKERS

https://nvd.nist.gov/vuln/detail/CVE-2023-34455 https://kafka.apache.org/cve-list.html

Would it be possible to upgrade the Kafka library to 3.5.1 to fix this CVE?

cesaroangelo avatar Aug 31 '23 09:08 cesaroangelo

Related to: https://github.com/linkedin/cruise-control/issues/2044

johnswarbrick-napier avatar Sep 07 '23 13:09 johnswarbrick-napier

This should be covered by #2057 now

cesaroangelo avatar Sep 07 '23 14:09 cesaroangelo