Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[202012][Security][CVE-2022-2309] Upgrade lxml from 4.6.3 to 4.9.1 #14066

Merged
merged 1 commit into from
Mar 7, 2023

Conversation

xumia
Copy link
Collaborator

@xumia xumia commented Mar 3, 2023

Why I did it

Fix CVE-2022-2309, upgrade lxml from 4.6.3 to 4.9.1

How I did it

How to verify it

Which release branch to backport (provide reason below if selected)

  • 201811
  • 201911
  • 202006
  • 202012
  • 202106
  • 202111
  • 202205
  • 202211

Description for the changelog

Ensure to add label/tag for the feature raised. example - PR#2174 under sonic-utilities repo. where, Generic Config and Update feature has been labelled as GCU.

Link to config_db schema for YANG module changes

A picture of a cute animal (not mandatory but encouraged)

@xumia xumia requested a review from qiluo-msft March 3, 2023 07:31
@xumia xumia changed the title [202012][Security][CVE-2022-2309] Upgrade lxml from 4.6.5 to 4.9.1 [202012][Security][CVE-2022-2309] Upgrade lxml from 4.6.3 to 4.9.1 Mar 3, 2023
@xumia xumia marked this pull request as ready for review March 6, 2023 01:06
@qiluo-msft qiluo-msft force-pushed the 202012 branch 2 times, most recently from 6fd3d83 to 06be005 Compare March 6, 2023 21:43
@xumia xumia force-pushed the fix-lxml-202012 branch from a9cb12d to 256a4e0 Compare March 7, 2023 05:01
@xumia xumia enabled auto-merge (squash) March 7, 2023 05:02
@xumia xumia merged commit 2ca6ec4 into sonic-net:202012 Mar 7, 2023
@xumia xumia deleted the fix-lxml-202012 branch March 7, 2023 09:43
github-actions bot pushed a commit to liushilongbuaa/sonic-buildimage that referenced this pull request Aug 29, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants