security vulnerability: janusgraph-full-1.0.0-rc1: in ./lib ( netty-all.4.1.58.Final) as well as ./lib/gremlin-console-3.6.1.jar & gremlin-driver.3.6.1.jar (netty-all.4.1.77.Final)

Yingjie Li

Hello all, 

There is high  security vulnerability  due netty-all jars  in  janusgraph-full-1.0.0-rc1 that we'd like upgrade to vesion > 4.1.82.Final.  For ./lib/netty-all-4.1.58.Final.jar, I have directly replace it with the latest version netty-all-4.1.87.Final.jar and it seems all good for my use. Any pointers of where to get the upgraded versions for the embedded  gremlin-console-3.6.1.jar and gremlin-driver.3.6.1.jar ? 



Join to automatically receive all group messages.