Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update vulnerable packages for v5.2 #3027

Open
wants to merge 1 commit into
base: release/5.2
Choose a base branch
from

Conversation

MichelZ
Copy link
Contributor

@MichelZ MichelZ commented Nov 20, 2024

5.2 has the following vulnerable packages:
System.Formats.Asn1
System.Private.Uri
Microsoft.Extensions.Caching.Memory

This PR updates already existing packages or takes direct dependencies on packages that can't be updated otherwise (at least I wasn't able to)

@MichelZ
Copy link
Contributor Author

MichelZ commented Nov 22, 2024

hmm... the 5.2 build seems to be broken and it seems it's not based entirely on YAML, so I'm not sure I can fix that.
e.g. the ADO-UB20-SQL19 needs to change to ADO-UB20-SQL22 it seems:
https://sqlclientdrivers.visualstudio.com/public/_build/results?buildId=101979&view=logs&j=3ad9154c-b66f-5e48-f703-44743de98f45

##[error]Failed to request agent. Exception Image ADO-UB20-SQL19 doesn't exist in pool ADO-CI-1ES-Pool
,##[error]The remote provider was unable to process the request.

@cheenamalhotra

@cheenamalhotra
Copy link
Member

We're aware of the issue, and have been working with engg teams offline to fix the ADO-UB20-SQL19 image so it can be used and we can continue testing with SQL 19.

@mdaigle mdaigle added the ➕ Code Health Issues/PRs that are targeted to source code quality improvements. label Nov 25, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
➕ Code Health Issues/PRs that are targeted to source code quality improvements.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants