Closed settesoft closed 2 years ago
Hi @floschmedding & @srondelli , just wanted flag this PR for review as I couldn't see a way to assign it to anyone. Please let me know if I've missed something. Thanks!
Currently, the version of netty is 4.1.78.Final
at https://github.com/aws/amazon-neptune-sigv4-signer/blob/master/pom.xml#L76 is newer than the version 4.1.59.Final
being set in this Pull Request thus closing.
Previous versions are affected by CVE-2021-21290: https://nvd.nist.gov/vuln/detail/CVE-2021-21290
Issue #, if available:
Description of changes: Updated to latest version of netty. Also updated revision for main assembly version
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.