Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump AWS Java SDK version to fix CVE-2022-31159 [5.1.z] #21858

Merged
merged 1 commit into from Jul 27, 2022
Merged

Bump AWS Java SDK version to fix CVE-2022-31159 [5.1.z] #21858

merged 1 commit into from Jul 27, 2022

Conversation

TomaszGaweda
Copy link
Contributor

Bump AWS Java SDK version to fix CVE-2022-31159

Note: this is reported as MEDIUM by OWASP, but HIGH by Docker scans.

Checklist:

  • Labels (Team:, Type:, Source:, Module:) and Milestone set
  • Label Add to Release Notes or Not Release Notes content set
  • Request reviewers if possible
  • Send backports/forwardports if fix needs to be applied to past/future releases
  • New public APIs have @Nonnull/@Nullable annotations
  • New public APIs have @since tags in Javadoc

@TomaszGaweda TomaszGaweda added Type: Defect Source: Internal PR or issue was opened by an employee Not Release Notes content Module: Jet Issues/PRs for Jet security Pull requests that address a security vulnerability Team: Integration labels Jul 27, 2022
@hz-devops-test
Copy link

The job Hazelcast-pr-builder of your PR failed. (Hazelcast internal details: build log, artifacts).
Through arcane magic we have determined that the following fragments from the build log may contain information about the problem.

Click to expand the log file 
--------------------------
-------TEST FAILURE-------
--------------------------
[INFO] Results:
[INFO] 
[ERROR] Errors: 
[ERROR]   NonSmartClientTest.when_lightJobSubmittedToNonMaster_then_accessibleFromAllMembers:204 ? Completion
[INFO] 
[ERROR] Tests run: 46895, Failures: 0, Errors: 1, Skipped: 239
[INFO] 

[ERROR] There are test failures.

@olukas olukas added this to the 5.1.3 milestone Jul 27, 2022
@TomaszGaweda
Copy link
Contributor Author

run-lab-run

@TomaszGaweda TomaszGaweda merged commit d0aa92e into hazelcast:5.1.z Jul 27, 2022
@TomaszGaweda TomaszGaweda deleted the cve-fixes/CVE-2022-31159-5.1.z branch August 17, 2023 16:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ldziedziul ldziedziul ldziedziul approved these changes

@frant-hartm frant-hartm frant-hartm approved these changes

@kwart kwart Awaiting requested review from kwart

Assignees
No one assigned
Labels
Module: Jet Issues/PRs for Jet Not Release Notes content security Pull requests that address a security vulnerability Source: Internal PR or issue was opened by an employee Team: Integration Type: Defect
Projects
None yet
Milestone
5.1.3
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@TomaszGaweda @hz-devops-test @ldziedziul @frant-hartm @olukas