Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Getting rid of CVEs in InfluxDB connector #13821

Merged
merged 1 commit into from Jan 20, 2022
Merged

Getting rid of CVEs in InfluxDB connector #13821

merged 1 commit into from Jan 20, 2022

Conversation

dlg99
Copy link
Contributor

@dlg99 dlg99 commented Jan 19, 2022

Getting rid of CVEs in InfluxDB connector

CVE-2019-20933
CVE-2018-1000850

Motivation

mvn clean install verify -Powasp-dependency-check -DskipTests found various CVEs

Modifications

Upgraded dependencies

Verifying this change

  • Make sure that the change passes the CI checks.

This change is already covered by existing tests

Does this pull request potentially affect one of the following parts:

If yes was chosen, please highlight the changes

  • Dependencies (does it add or upgrade a dependency): YES
  • The public API: (yes / no)
  • The schema: (yes / no / don't know)
  • The default values of configurations: (yes / no)
  • The wire protocol: (yes / no)
  • The rest endpoints: (yes / no)
  • The admin cli options: (yes / no)
  • Anything that affects deployment: (yes / no / don't know)

Documentation

Check the box below or label this PR directly (if you have committer privilege).

Need to update docs?

  • doc-required

    (If you need help on updating docs, create a doc issue)

  • no-need-doc

    (Please explain why)

  • doc

    (If this PR contains doc changes)

@github-actions github-actions bot added the doc-not-needed Your PR changes do not impact docs label Jan 19, 2022
@dlg99
Copy link
Contributor Author

dlg99 commented Jan 19, 2022

/pulsarbot run-failure-checks

@dlg99
Copy link
Contributor Author

dlg99 commented Jan 19, 2022

/pulsarbot run-failure-checks

@dlg99
Copy link
Contributor Author

dlg99 commented Jan 20, 2022

/pulsarbot run-failure-checks

@codelipenghui codelipenghui merged commit 8574639 into apache:master Jan 20, 2022
@codelipenghui codelipenghui added this to the 2.10.0 milestone Jan 20, 2022
codelipenghui pushed a commit that referenced this pull request Jan 21, 2022
@dlg99 @codelipenghui
Getitng rid of CVEs in InfluxDB connector (#13821)
f68892c 
CVE-2019-20933
CVE-2018-1000850

(cherry picked from commit 8574639)
@codelipenghui codelipenghui added the cherry-picked/branch-2.9 Archived: 2.9 is end of life label Jan 21, 2022
codelipenghui pushed a commit that referenced this pull request Jan 27, 2022
@dlg99 @codelipenghui
Getitng rid of CVEs in InfluxDB connector (#13821)
f2bfe92 
CVE-2019-20933
CVE-2018-1000850

(cherry picked from commit 8574639)
@codelipenghui codelipenghui added the cherry-picked/branch-2.8 Archived: 2.8 is end of life label Jan 27, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lhotari lhotari lhotari approved these changes

@shoothzj shoothzj shoothzj approved these changes

@nicoloboschi nicoloboschi nicoloboschi approved these changes

@eolivelli eolivelli Awaiting requested review from eolivelli

@michaeljmarshall michaeljmarshall Awaiting requested review from michaeljmarshall

Assignees

@dlg99 dlg99

Labels
area/security cherry-picked/branch-2.8 Archived: 2.8 is end of life cherry-picked/branch-2.9 Archived: 2.9 is end of life doc-not-needed Your PR changes do not impact docs release/2.8.3 release/2.9.2
Projects
None yet
Milestone
2.10.0
Development

Successfully merging this pull request may close these issues.

None yet
6 participants
@dlg99 @lhotari @shoothzj @nicoloboschi @codelipenghui @gaoran10