Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade cryptacular to 1.2.4 #52331

Merged
merged 1 commit into from
Feb 14, 2020
Merged

Upgrade cryptacular to 1.2.4 #52331

merged 1 commit into from
Feb 14, 2020

Conversation

jkakavas
Copy link
Member

Cryptacular is a dependency of opensaml

@jkakavas
Update cryptacular to 1.2.4
1747287 
Cryptacular is a dependency of opensaml
@jkakavas jkakavas added >upgrade :Security/Security Security issues without another label v8.0.0 v7.7.0 labels Feb 13, 2020
@jkakavas jkakavas requested a review from ywangd February 13, 2020 17:26
@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-security (:Security/Security)

ywangd
ywangd approved these changes Feb 13, 2020
View reviewed changes
Copy link
Member

@ywangd ywangd left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Just a question for my own learning purpose: When checking their website, I did notice the new version fixed a CVE. But how did you get to know this? Do we somehow get notified or is there a scan report that guides us to do manual checking? Thanks

@jkakavas jkakavas merged commit 6df2220 into elastic:master Feb 14, 2020
@jkakavas jkakavas mentioned this pull request Feb 14, 2020
Merged
jkakavas added a commit to jkakavas/elasticsearch that referenced this pull request Feb 14, 2020
@jkakavas
Update cryptacular to 1.2.4 (elastic#52331)
6b48c03 
Cryptacular is a dependency of opensaml
jkakavas added a commit to jkakavas/elasticsearch that referenced this pull request Feb 14, 2020
@jkakavas
Update cryptacular to 1.2.4 (elastic#52331)
e5905cd 
Cryptacular is a dependency of opensaml
@jkakavas jkakavas mentioned this pull request Feb 14, 2020
Merged
jkakavas added a commit to jkakavas/elasticsearch that referenced this pull request Feb 14, 2020
@jkakavas
Update cryptacular to 1.2.4 (elastic#52331)
f4ad89b 
Cryptacular is a dependency of opensaml
@jkakavas jkakavas mentioned this pull request Feb 14, 2020
Merged
jkakavas added a commit that referenced this pull request Feb 14, 2020
@jkakavas
Update cryptacular to 1.2.4 (#52331) (#52349)
6cd4292 
Cryptacular is a dependency of opensaml
jkakavas added a commit that referenced this pull request Feb 14, 2020
@jkakavas
Update cryptacular to 1.2.4 (#52331) (#52350)
f837292 
Cryptacular is a dependency of opensaml
jkakavas added a commit that referenced this pull request Feb 14, 2020
@jkakavas
[6.8] Update cryptacular to 1.2.4 (#52331) (#52351)
d80424f 
Cryptacular is a dependency of opensaml
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ywangd ywangd ywangd approved these changes

Assignees
No one assigned
Labels
>non-issue :Security/Security Security issues without another label >upgrade v6.8.7 v7.6.1 v7.7.0 v8.0.0-alpha1
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@jkakavas @elasticmachine @ywangd @jakelandis