CVE-2023-34454, CVE-2023-34453, CVE-2023-34455 fix compatibility check

Question

CVE-2023-34454, CVE-2023-34453, CVE-2023-34455 fix compatibility check

Closed this issue a year ago · 2 comments

Hello,

I wanted to check if there are breaking changes when updating
org.xerial.snappy:snappy-java:1.1.8.4 to 1.1.10.1 to fix the above mentioned CVEs

Let me know.

Thanks
Sourabh

Answer 1 · 2023-06-16T10:28:40.000Z

After updating from 1.1.9.1 to 1.1.10.1 native library fails to load on RHEL 7 on s390x
libsnappyjava.so: /lib64/libc.so.6: version 'GLIBC_2.32' not found (required by libsnappyjava.so).
It works on RHEL 7 x84_64 and RHEL 8 s390x though.

Can be connected to #416 (1.1.10.0)

Answer 2 · 2023-06-19T21:30:05.000Z

There should be no breaking change in terms of the usage and the API. So let me close this ticket.

The above mentioned issue belongs to a different topic for an older version of Linux on s390x CPU