Bug#990345: zookeeper: various security issues
Christoph Anton Mitterer
calestyo at scientia.net
Sat Jun 26 12:50:44 BST 2021
Source: zookeeper
Version: 3.4.13-6
Severity: grave
Tags: security
Justification: user security hole
X-Debbugs-Cc: Debian Security Team <team at security.debian.org>
Hi.
The release notes for https://zookeeper.apache.org/doc/r3.6.3/releasenotes.html
list various security issues:
CVE-2020-25649
CVE-2021-21295
CVE-2021-28165
CVE-2021-21409
It's a bit unclear to me whether 3.4 is affected to, but since 3.5.x versions seem
to be, I'd guess the issues go back longer and may affect 3.4 as well.
I would guess that 3.4.x has no upstream support anymore.
Cheers,
Chirs.
More information about the pkg-java-maintainers
mailing list