Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Upgrade logback dependency due CVE #11271

Merged
merged 1 commit into from May 18, 2021
Merged

Upgrade logback dependency due CVE #11271

merged 1 commit into from May 18, 2021

Conversation

normanmaurer
Copy link
Member

Motivation:

Older version of logback are affected by [CVE-2017-5929]. While its an optional dependency we should upgrade

Modifications:

Upgrade to 1.2.3

Result:

No more reports about using affected logback version

Motivation:

Older version of logback are affected by [CVE-2017-5929]. While its an optional dependency we should upgrade

Modifications:

Upgrade to 1.2.3

Result:

No more reports about using affected logback version
@normanmaurer normanmaurer added this to the 4.1.65.Final milestone May 18, 2021
@normanmaurer normanmaurer merged commit 6f19319 into 4.1 May 18, 2021
@normanmaurer normanmaurer deleted the logback branch May 18, 2021 09:41
normanmaurer added a commit that referenced this pull request May 18, 2021
Motivation:

Older version of logback are affected by [CVE-2017-5929]. While its an optional dependency we should upgrade

Modifications:

Upgrade to 1.2.3

Result:

No more reports about using affected logback version
raidyue pushed a commit to raidyue/netty that referenced this pull request Jul 8, 2022
Motivation:

Older version of logback are affected by [CVE-2017-5929]. While its an optional dependency we should upgrade

Modifications:

Upgrade to 1.2.3

Result:

No more reports about using affected logback version
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

1 participant