Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ZOOKEEPER-4751: Update snappy-java to 1.1.10.5 to address CVE-2023-43642 #2072

Closed
wants to merge 1 commit into from
Closed

ZOOKEEPER-4751: Update snappy-java to 1.1.10.5 to address CVE-2023-43642 #2072

wants to merge 1 commit into from
+1 −1

Conversation

lhotari
Copy link
Member

@lhotari lhotari commented Sep 30, 2023

snappy-java 1.1.10.1 contains CVE-2023-43642 . Upgrade the dependency to 1.1.10.5 to get rid of the CVE.

see https://issues.apache.org/jira/browse/ZOOKEEPER-4751

@lhotari lhotari mentioned this pull request Oct 2, 2023
Closed
ztzg
ztzg approved these changes Oct 3, 2023
View reviewed changes
Copy link
Contributor

@ztzg ztzg left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

anmolnar
anmolnar approved these changes Oct 3, 2023
View reviewed changes
Copy link
Contributor

@anmolnar anmolnar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@ztzg ztzg closed this in 35a9441 Oct 3, 2023
ztzg pushed a commit that referenced this pull request Oct 3, 2023
@lhotari @ztzg
ZOOKEEPER-4751: Update snappy-java to 1.1.10.5 to address CVE-2023-43642
af22e34 


snappy-java 1.1.10.1 contains CVE-2023-43642 . Upgrade the dependency to 1.1.10.5 to get rid of the CVE.

see https://issues.apache.org/jira/browse/ZOOKEEPER-4751

Author: Lari Hotari <[email protected]>

Reviewers: Andor Molnar <[email protected]>, Damien Diederen <[email protected]>

Closes #2072 from lhotari/ZOOKEEPER-4751
ztzg pushed a commit that referenced this pull request Oct 3, 2023
@lhotari @ztzg
ZOOKEEPER-4751: Update snappy-java to 1.1.10.5 to address CVE-2023-43642
8cba51f 


snappy-java 1.1.10.1 contains CVE-2023-43642 . Upgrade the dependency to 1.1.10.5 to get rid of the CVE.

see https://issues.apache.org/jira/browse/ZOOKEEPER-4751

Author: Lari Hotari <[email protected]>

Reviewers: Andor Molnar <[email protected]>, Damien Diederen <[email protected]>

Closes #2072 from lhotari/ZOOKEEPER-4751
ztzg pushed a commit that referenced this pull request Oct 3, 2023
@lhotari @ztzg
ZOOKEEPER-4751: Update snappy-java to 1.1.10.5 to address CVE-2023-43642
e3a50a5 


snappy-java 1.1.10.1 contains CVE-2023-43642 . Upgrade the dependency to 1.1.10.5 to get rid of the CVE.

see https://issues.apache.org/jira/browse/ZOOKEEPER-4751

Author: Lari Hotari <[email protected]>

Reviewers: Andor Molnar <[email protected]>, Damien Diederen <[email protected]>

Closes #2072 from lhotari/ZOOKEEPER-4751
@ztzg
Copy link
Contributor

ztzg commented Oct 3, 2023

This is now in branch-3.7, branch-3.8, branch-3.9 and master. Thanks!

AlphaCanisMajoris pushed a commit to AlphaCanisMajoris/zookeeper that referenced this pull request Mar 28, 2024
@lhotari @AlphaCanisMajoris
ZOOKEEPER-4751: Update snappy-java to 1.1.10.5 to address CVE-2023-43642
86bd600 


snappy-java 1.1.10.1 contains CVE-2023-43642 . Upgrade the dependency to 1.1.10.5 to get rid of the CVE.

see https://issues.apache.org/jira/browse/ZOOKEEPER-4751

Author: Lari Hotari <[email protected]>

Reviewers: Andor Molnar <[email protected]>, Damien Diederen <[email protected]>

Closes apache#2072 from lhotari/ZOOKEEPER-4751
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@anmolnar anmolnar anmolnar approved these changes

@ztzg ztzg ztzg approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@lhotari @ztzg @anmolnar