From 5567d5b2bb63a006927197cd3d00b31b0ba16133 Mon Sep 17 00:00:00 2001
From: sundapeng <sundapeng_yewu@cmss.chinamobile.com>
Date: Wed, 30 Aug 2023 00:56:17 +0000
Subject: [PATCH] =?UTF-8?q?=E5=8D=87=E7=BA=A7netty=E5=88=B04.1.86.Final?=
 =?UTF-8?q?=EF=BC=8C=E4=BF=AE=E5=A4=8D=202022-41881?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 0002-CVE-2022-41881.patch | 13 +++++++++++++
 kafka.spec                |  6 +++++-
 2 files changed, 18 insertions(+), 1 deletion(-)
 create mode 100644 0002-CVE-2022-41881.patch

diff --git a/0002-CVE-2022-41881.patch b/0002-CVE-2022-41881.patch
new file mode 100644
index 0000000..ca36e06
--- /dev/null
+++ b/0002-CVE-2022-41881.patch
@@ -0,0 +1,13 @@
+diff --git a/gradle/dependencies.gradle b/gradle/dependencies.gradle
+index 8dcf7af2f2..7b7974b5aa 100644
+--- a/gradle/dependencies.gradle
++++ b/gradle/dependencies.gradle
+@@ -100,7 +100,7 @@ versions += [
+   mavenArtifact: "3.8.1",
+   metrics: "2.2.0",
+   mockito: "3.6.0",
+-  netty: "4.1.73.Final",
++  netty: "4.1.86.Final",
+   owaspDepCheckPlugin: "6.0.3",
+   powermock: "2.0.9",
+   reflections: "0.9.12",
diff --git a/kafka.spec b/kafka.spec
index e91f701..c9c526c 100644
--- a/kafka.spec
+++ b/kafka.spec
@@ -4,7 +4,7 @@
 
 Name: kafka
 Version: 2.8.2
-Release: 1
+Release: 2
 Summary: A Distributed Streaming Platform.
 
 License: Apache-2.0
@@ -13,6 +13,7 @@ Source1: https://mirrors.huaweicloud.com/gradle/gradle-6.8.1-all.zip
 Source2: kafka.service
 Source3: gradle-wrapper.jar
 Patch0: 0001-adopt-huaweimaven.patch
+Patch1: 0002-CVE-2022-41881.patch
 
 BuildRequires: systemd java-1.8.0-openjdk-devel
 Provides: kafka = %{version}
@@ -64,6 +65,9 @@ cp -pr licenses/*   $RPM_BUILD_ROOT%{kafka_home}/licenses
 rm -rf %{buildroot}
 
 %changelog
+* Wed Aug 30 2023 sundapeng <sundapeng_yewu@cmss.chinamobile.com> - 2.8.2-2
+- fix CVE-2022-41881
+
 * Sat Sep 24 2022 xiexing <xiexing4@hisilicon.com> - 2.8.2-1
 - fix CVE-2022-34917
 
-- 
Gitee