Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Issue 292: Upgrades avro version to fix Vulnerabilities #293

Merged
merged 1 commit into from
Dec 13, 2023

Conversation

a6dulaleem
Copy link
Contributor

Problem description
Upgrade dependencies in Schema registry which could have possible CVEs

Library current version CVE fixed Version
avro 1.11.1 1.11.3

Problem location
gradle.properties

Suggestions for an improvement
upgrade lib versions to suggested versions to mitigate the CVEs.

Purpose of the change Fix #292

@a6dulaleem a6dulaleem marked this pull request as ready for review December 12, 2023 11:12
@a6dulaleem
Copy link
Contributor Author

ran schema registry build it ran successfully and build number is 192

Copy link
Contributor

@anishakj anishakj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@anishakj anishakj requested a review from crazyzhou December 12, 2023 11:31
@a6dulaleem a6dulaleem requested review from anishakj, shshashwat, abhinb and crazyzhou and removed request for crazyzhou December 12, 2023 11:40
Copy link
Contributor

@crazyzhou crazyzhou left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Copy link
Contributor

@anishakj anishakj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@crazyzhou crazyzhou merged commit 2970ccf into pravega:master Dec 13, 2023
4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Upgrade dependencies to fix vulnerabilities
4 participants