Robert Dale
added a comment - Recommend updating to latest Netty 4.0.39.Final. Tinkerpop is at 4.0.34.
4.0.37 fixes a "leak" and other memory issues. It also addresses security issue "CVE-2016-4970 and can lead to a DOS"
Release Notes:
http://netty.io/news/2016/03/21/4-0-35-Final.html
http://netty.io/news/2016/04/04/4-0-36-Final.html
http://netty.io/news/2016/06/07/4-0-37-Final.html
http://netty.io/news/2016/07/01/4-0-38-Final-4-1-2-Final.html
http://netty.io/news/2016/07/15/4-0-39-Final-4-1-3-Final.html
In both cases, a failed transaction could have created a situation where a Frame was not released and if that Frame contained a Netty Bytebuf (which it likely would) then Netty would report a warning that the Bytebuf had not been released.
Stephen Mallette
added a comment - Fixed this in both 3.1.4:
https://github.com/apache/tinkerpop/commit/6be28270598862a7a92b88a67d18e5e8f198b92b
and 3.2.2:
https://github.com/apache/tinkerpop/commit/9913d64cd1f9050b3d047b59dcea34ee8507d2dd
In both cases, a failed transaction could have created a situation where a Frame was not released and if that Frame contained a Netty Bytebuf (which it likely would) then Netty would report a warning that the Bytebuf had not been released.
Recommend updating to latest Netty 4.0.39.Final. Tinkerpop is at 4.0.34.
4.0.37 fixes a "leak" and other memory issues. It also addresses security issue "CVE-2016-4970 and can lead to a DOS"
Release Notes:
http://netty.io/news/2016/03/21/4-0-35-Final.html
http://netty.io/news/2016/04/04/4-0-36-Final.html
http://netty.io/news/2016/06/07/4-0-37-Final.html
http://netty.io/news/2016/07/01/4-0-38-Final-4-1-2-Final.html
http://netty.io/news/2016/07/15/4-0-39-Final-4-1-3-Final.html