Update log4j to 2.17.1 #26560

Merged
merged 1 commit into from
Jan 18, 2022

Conversation

srnagar
Member

@srnagar srnagar commented Jan 18, 2022

No description provided.

@srnagar
Member Author

srnagar commented Jan 18, 2022

/azp run java - core

@azure-pipelines

Azure Pipelines successfully started running 1 pipeline(s).

@srnagar srnagar enabled auto-merge (squash) January 18, 2022 19:14
@srnagar srnagar merged commit b4ad230 into Azure:main Jan 18, 2022
@hakerbaya

hakerbaya commented Jan 25, 2022

@weidongxu-microsoft
@JamesBirdsall @srnagar @g2vinay @FabianMeiswinkel
@aayush3011 @alzimmermsft, @amishra-dev, @backwind1233, @chenrujun, @FabianMeiswinkel, @hui1110 @JamesBirdsall @jaschrep-msft @jialigit @kasobol-msft @kirankumarkolli, @kushagraThapar @mbhaskar @milismsft, @moderakh @rickle-msft @samvaity @saragluna, @simplynaveen20 @sjkwak @stliu @xinlian12 and @yiliuTo
I am writing this email to solve my issue please.

Hi,
I recently reported one of the critical vulnerabilities with case number 69670 on MSRC bug bounty to your program, that you are using a vulnerable version of log4j 2.17.0 according to CVE-2021-44832.
After being reported you fixed this issue within a couple of hours due to its high severity.

Now they (case manager "Gaurav") are giving me the excuse that I didn't show a proof of concept in my report, although I sent them big proof CVE-2021-44832 one of the biggest proof.

Then why did they fix this vulnerability in just a couple of hours and why didn't they ask me for additional info?

This is completely unacceptable and an injustice. It breaks me 💔💔.

Please review the report again

Note: I reported an exactly similar report to FACEBOOK AND YAHOO, I was rewarded a handsome amount of bounty for this type of issue which leads to RCE.

Please, I want you to send the email to [email protected] and make my report rewardable. This was a critical vulnerability.

I can confirm my report is rewardable.

THANKS.

azure-sdk pushed a commit to azure-sdk/azure-sdk-for-java that referenced this pull request Nov 9, 2023
Release app microsoft.app 2023 08 01 preview (Azure#26352)

* Adds base for updating Microsoft.App from version preview/2023-05-02-preview to version 2023-08-01-preview

* Updates readme

* Updates API version in new specs and examples

* Add type to Certificate (Azure#25380)

* Add type to Certificate

* lint

* Add gpus property to AvailableWorkloadProfiles. (Azure#25328)

* Add gpus property to AvailableWorkloadProfiles.

* Fix.

* Pauld/re add build and builder (Azure#25442)

* cherry picked the build and builder updates

* some more cleanup

* added arm id format, removed extra properties, and named the resource provisioning states

* Add OT and AI config (Azure#25350)

* Add OT and AI config

* resolve comments

* Add service bind properties to dapr component (Azure#25781)

* dapr component sb-bind definition add

* fix

* ran npx prettier

* npx prettier

---------

Co-authored-by: [email protected] <[email protected]>

* Adding patching scenario ARM API (Azure#25446)

* cherry picked the build and builder updates

* some more cleanup

* Adding patching scenario and samples

* Added to readme

* Lint fix

* Linting

* Linting error fix

* Addressed comments and added extra properties

* Linting

* Fixing patch skip post action

* Linting

* Addressing comments

* Reverting patchDetails changes

* Fixing pipeline error

* Linting

* Removed invalid required tag

* Fixed examples

* Addressed comments

---------

Co-authored-by: Paul Dorsch <[email protected]>
Co-authored-by: Paul Dorsch <[email protected]>

* Update microsoft.app 2023-08-01-preview for new DaprSubscription API feature (Azure#25631)

* ACA Dapr Subscription: WIP

Signed-off-by: Bernd Verst <[email protected]>

* Add Dapr Subscription examples

Signed-off-by: Bernd Verst <[email protected]>

* complete examples

Signed-off-by: Bernd Verst <[email protected]>

* Add DaprSubscription descriptions

Signed-off-by: Bernd Verst <[email protected]>

* include updated readme

Signed-off-by: Bernd Verst <[email protected]>

* fix casing

Signed-off-by: Bernd Verst <[email protected]>

* formatting

Signed-off-by: Bernd Verst <[email protected]>

* Use Types v5

Signed-off-by: Bernd Verst <[email protected]>

* Revert "Use Types v5"

v5 causes several mysterious SDK build errors in this branch on this PR. To avoid this error we will stick to v3 for now. We will upgrade to v5 in a future net new branch.

This reverts commit 6a43aacf16132ff1918cbeb9d9b15c74b3a55a78.

---------

Signed-off-by: Bernd Verst <[email protected]>

* Support log streaming on build resource (Azure#25902)

* updated the build resource to support build upload and log streaming, with a token to be passed in via header

* add x-ms-secret and update buildendpoint -> endpoint

* retrieve log stream and upload endpoint tokens through post requests, as they are secrets

* remove secret flag from tokenendpoint property, as we expect users to retrieve it

* rename file

* updated format of how build object returns auth token

* fix example

* added expiration date to token response

* fix auth token to also include build resource information

* renamed getAuthToken -> listAuthToken and removed resource information from token response

* fix examples

* updated samples to be more accurate

* Update serviceBinds with clientType and customizedKeys (Azure#26111)

* Update serviceBinds with clientType and customizedKeys

* force ci

* fix missing }

---------

Co-authored-by: Ahmed ElSayed <[email protected]>

* Adds new Dapr Component Resiliency Feature to existing version `Release app microsoft.app 2023 08 01 preview` (Azure#26107)

* Add Dapr Component Resiliency Policies APIs to ContainerApps 2023-08-01-preview

Signed-off-by: Bernd Verst <[email protected]>

* Update deletion return code

* Fix variable name

* Remove invalid status code from example

* prettify

* Register new resource in readme

* Remove existing import cycle

* Use integers not integer strings

* Fix delete status codes

* More changes

* Update examples

* Revert "Remove existing import cycle" which causes unrelated failures

This reverts commit 8ce1a74f9d12b333c43c324f1b2250a64a0f1add.

---------

Signed-off-by: Bernd Verst <[email protected]>

* Add API spec for ContainerApp Resiliency (Azure#25732)

Signed-off-by: Hal Spang <[email protected]>

* Add extendedlocation for job (Azure#26196)

* Add extendedlocation for job

* Add sample for container apps on connectedEnvironment

* Fixes for examples

* Fix connected environment example

* Update old examples

* removing SourceToCloud patching from 08-01-preview (Azure#26245)

* Add diagnostic routes to Container App Jobs (Azure#26227)

* Add diagnostic routes to Container App Jobs

* Update

* Update

* Update

* Update

* Update

* Update

* Update operationIds

---------

Co-authored-by: Michimune Kohno <[email protected]>

* Update app resiliency rest api spec (Azure#26357)

Signed-off-by: Yash Nisar <[email protected]>

* Fix ACA component resiliency examples (Azure#26441)

* Fix arm review comments for container app (Azure#26455)

* update

* update

* update

* Fix SDK build error for Microsoft.App (Azure#26416)

* Fix SDK build error for Microsoft.App

* Update

* update

* update

* update

---------

Co-authored-by: Michimune Kohno <[email protected]>

* Fix arm review comments for container app (Azure#26479)

* fix

* update

* update

* Fix detectorProperties request path (Azure#26431)

* fix list exception

* change param to enum

* fix lint error

* revert not working changes

* fix enum

* rearrange

---------

Co-authored-by: Chenghui Yu <[email protected]>

* Enable dynamicJsonColumns for log analytics configuration (Azure#26432)

* Enable dynamicJsonColumn for log analysis configuration

* Add missed s

* Fix code style

* Update container app usages value to float (Azure#26448)

* update

* update

* update

* Fix App Resiliency retry example (Azure#26560)

Signed-off-by: Yash Nisar <[email protected]>

* Fix lint warning for container app (Azure#26523)

* fix warning

* fix warning

* update

---------

Signed-off-by: Bernd Verst <[email protected]>
Signed-off-by: Hal Spang <[email protected]>
Signed-off-by: Yash Nisar <[email protected]>
Co-authored-by: zhenqxuMSFT <[email protected]>
Co-authored-by: yalixiang <[email protected]>
Co-authored-by: Paul Dorsch <[email protected]>
Co-authored-by: Michael Dai <[email protected]>
Co-authored-by: bgashirabake <[email protected]>
Co-authored-by: [email protected] <[email protected]>
Co-authored-by: Harry Li <[email protected]>
Co-authored-by: Paul Dorsch <[email protected]>
Co-authored-by: Bernd Verst <[email protected]>
Co-authored-by: Ahmed ElSayed <[email protected]>
Co-authored-by: Ahmed ElSayed <[email protected]>
Co-authored-by: halspang <[email protected]>
Co-authored-by: LaylaLiu-gmail <[email protected]>
Co-authored-by: michimune <[email protected]>
Co-authored-by: Michimune Kohno <[email protected]>
Co-authored-by: Yash Nisar <[email protected]>
Co-authored-by: Seris370 <[email protected]>
Co-authored-by: Chenghui Yu <[email protected]>
Labels
Cosmos Event Hubs Storage Storage Service (Queues, Blobs, Files)