Wrong grpc-netty version tagged in GHSA as fix for MadeYouReset


Matthew Jericho Sy

Sep 30, 2025, 10:20:39 AM
to grpc.io
Hi,

I'm bringing to attention here a [published security advisory in GitHub stating the wrong patched version of grpc-netty-shaded](https://github.com/advisories/GHSA-prj3-ccx8-p6x4), listing a non-existent 1.175.0 as safe for MadeYouReset when it should actually be 1.75.0, correct?

But, it seems like the maintainer of the github/advisory-database repo suggested that the grpc team be contacted to confirm.

Thank you,
Matthew Jericho Sy

Eric Anderson

Sep 30, 2025, 10:54:22 AM
to Matthew Jericho Sy, grpc.io
I've commented on the PR, and some of the other PRs. This is a mess, and I can't even tell how it started.
