Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[fix][sec] Fix transitive critical CVEs in file-system tiered storage #19957

Merged
merged 2 commits into from
Mar 29, 2023
Merged

[fix][sec] Fix transitive critical CVEs in file-system tiered storage #19957

merged 2 commits into from
Mar 29, 2023

Conversation

nicoloboschi
Copy link
Contributor

Motivation

Currently the file-system tiered storages brings in the following CVEs:

Modifications

All the above are depending from hadoop.

Verifying this change

  • Make sure that the change passes the CI checks.

Documentation

  • doc
  • doc-required
  • doc-not-needed
  • doc-complete

Matching PR in forked repository

@github-actions github-actions bot added the doc-not-needed Your PR changes do not impact docs label Mar 29, 2023
@nicoloboschi nicoloboschi mentioned this pull request Mar 29, 2023
Closed
tisonkun
tisonkun approved these changes Mar 29, 2023
View reviewed changes
Copy link
Member

@tisonkun tisonkun left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good to go.

@nicoloboschi
Copy link
Contributor Author

/pulsarbot rerun-failure-checks

@nicoloboschi nicoloboschi mentioned this pull request Mar 29, 2023
Closed
1 task
@codecov-commenter
Copy link

codecov-commenter commented Mar 29, 2023
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 72.81%. Comparing base (7a99e74) to head (7f86e70).
Report is 1744 commits behind head on master.

Additional details and impacted files

Impacted file tree graph

@@              Coverage Diff              @@
##             master   #19957       +/-   ##
=============================================
+ Coverage     31.88%   72.81%   +40.93%     
- Complexity     6421    31484    +25063     
=============================================
  Files          1682     1859      +177     
  Lines        127354   136851     +9497     
  Branches      13892    15050     +1158     
=============================================
+ Hits          40601    99653    +59052     
+ Misses        80714    29275    -51439     
- Partials       6039     7923     +1884
Flag Coverage Δ
inttests 24.39% <ø> (-0.12%) ⬇️
systests 25.10% <ø> (+0.01%) ⬆️
unittests 72.08% <ø> (+54.81%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

see 1466 files with indirect coverage changes

@nicoloboschi nicoloboschi merged commit 07acdbc into apache:master Mar 29, 2023
@nicoloboschi nicoloboschi added this to the 3.0.0 milestone Mar 29, 2023
@nicoloboschi nicoloboschi self-assigned this Mar 29, 2023
@nicoloboschi nicoloboschi deleted the upgrade-hadoop branch March 30, 2023 07:11
nicoloboschi added a commit that referenced this pull request Mar 30, 2023
@nicoloboschi
[fix][sec] Fix transitive critical CVEs in file-system tiered storage (
e078c6d 
…#19957)

(cherry picked from commit 07acdbc)
nicoloboschi added a commit that referenced this pull request Mar 30, 2023
@nicoloboschi
[fix][sec] Fix transitive critical CVEs in file-system tiered storage (
14f9793 
…#19957)

(cherry picked from commit 07acdbc)
nicoloboschi added a commit to datastax/pulsar that referenced this pull request Mar 30, 2023
@nicoloboschi
[fix][sec] Fix transitive critical CVEs in file-system tiered storage (
19c6d68 
…apache#19957)

(cherry picked from commit 07acdbc)
(cherry picked from commit e078c6d)
@michaeljmarshall
Copy link
Member

As discussed on the mailing list https://lists.apache.org/thread/w4jzk27qhtosgsz7l9bmhf1t7o9mxjhp, there is no plan to release 2.9.6, so I am going to remove the release/2.9.6 label

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tisonkun tisonkun tisonkun approved these changes

Assignees

@nicoloboschi nicoloboschi

Labels
area/security area/tieredstorage cherry-picked/branch-2.10 cherry-picked/branch-2.11 doc-not-needed Your PR changes do not impact docs ready-to-test release/2.8.5 release/2.10.5 release/2.11.2
Projects
None yet
Milestone
3.0.0
Development

Successfully merging this pull request may close these issues.
4 participants
@nicoloboschi @codecov-commenter @michaeljmarshall @tisonkun