Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Getting rid of CVEs brought in with aerospike #13819

Merged
merged 1 commit into from Jan 20, 2022
Merged

Getting rid of CVEs brought in with aerospike #13819

merged 1 commit into from Jan 20, 2022

Conversation

dlg99
Copy link
Contributor

@dlg99 dlg99 commented Jan 18, 2022

Getting rid of CVEs brought in with aerospike

CVE-2020-26939
CVE-2015-0886

Motivation

mvn clean install verify -Powasp-dependency-check -DskipTests found various CVEs

Modifications

Upgraded aerospike dependency

Verifying this change

  • Make sure that the change passes the CI checks.

This change is already covered by existing tests

Does this pull request potentially affect one of the following parts:

If yes was chosen, please highlight the changes

  • Dependencies (does it add or upgrade a dependency): YES
  • The public API: (yes / no)
  • The schema: (yes / no / don't know)
  • The default values of configurations: (yes / no)
  • The wire protocol: (yes / no)
  • The rest endpoints: (yes / no)
  • The admin cli options: (yes / no)
  • Anything that affects deployment: (yes / no / don't know)

Documentation

Check the box below or label this PR directly (if you have committer privilege).

Need to update docs?

  • doc-required

    (If you need help on updating docs, create a doc issue)

  • no-need-doc

    (Please explain why)

  • doc

    (If this PR contains doc changes)

@github-actions github-actions bot added the doc-not-needed Your PR changes do not impact docs label Jan 18, 2022
@dlg99
Copy link
Contributor Author

dlg99 commented Jan 19, 2022

/pulsarbot run-failure-checks

@dlg99
Copy link
Contributor Author

dlg99 commented Jan 19, 2022

/pulsarbot run-failure-checks

@codelipenghui codelipenghui merged commit 8a452b7 into apache:master Jan 20, 2022
@codelipenghui codelipenghui added this to the 2.10.0 milestone Jan 20, 2022
codelipenghui pushed a commit that referenced this pull request Jan 21, 2022
@dlg99 @codelipenghui
Getting rid of CVes brought in with aerospike (#13819)
bf7af79 
CVE-2020-26939
CVE-2015-0886

(cherry picked from commit 8a452b7)
@codelipenghui codelipenghui added the cherry-picked/branch-2.9 Archived: 2.9 is end of life label Jan 21, 2022
codelipenghui pushed a commit that referenced this pull request Jan 27, 2022
@dlg99 @codelipenghui
Getting rid of CVes brought in with aerospike (#13819)
a669b25 
CVE-2020-26939
CVE-2015-0886

(cherry picked from commit 8a452b7)
@codelipenghui codelipenghui added the cherry-picked/branch-2.8 Archived: 2.8 is end of life label Jan 27, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lhotari lhotari lhotari approved these changes

@shoothzj shoothzj shoothzj approved these changes

@nicoloboschi nicoloboschi nicoloboschi approved these changes

@codelipenghui codelipenghui Awaiting requested review from codelipenghui

@eolivelli eolivelli Awaiting requested review from eolivelli

@michaeljmarshall michaeljmarshall Awaiting requested review from michaeljmarshall

Assignees

@dlg99 dlg99

Labels
area/security cherry-picked/branch-2.8 Archived: 2.8 is end of life cherry-picked/branch-2.9 Archived: 2.9 is end of life doc-not-needed Your PR changes do not impact docs release/2.8.3 release/2.9.2
Projects
None yet
Milestone
2.10.0
Development

Successfully merging this pull request may close these issues.

None yet
6 participants
@dlg99 @lhotari @shoothzj @nicoloboschi @codelipenghui @gaoran10