You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@samza.apache.org by GitBox <gi...@apache.org> on 2022/08/20 07:08:05 UTC
[GitHub] [samza] perkss opened a new pull request, #1630: SAMZA-2758: Upgrade vulnerable versions jetty and jackson
perkss opened a new pull request, #1630:
URL: https://github.com/apache/samza/pull/1630
Issues: Upgrade dependencies for security fixes and enhancements for jetty and jackson
In current dependencies there are security vulnerabilities
Jackson: https://security.snyk.io/package/maven/com.fasterxml.jackson.core:jackson-databind/2.12.2
Jetty: https://security.snyk.io/package/maven/org.eclipse.jetty:jetty-server/9.4.38.v20210224
Upgrade Jackson to version: 2.13.3
Upgrade Jetty to [9.4.48.v20220622](https://mvnrepository.com/artifact/org.eclipse.jetty/jetty-server/9.4.48.v20220622)
Changes: Describe major changes, listing each separately.
Upgraded dependency management versions
Tests: Existing Tests
API Changes: None
Upgrade Instructions: None
Usage Instructions: None
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@samza.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [samza] mynameborat merged pull request #1630: SAMZA-2758: Upgrade vulnerable versions jetty and jackson
Posted by GitBox <gi...@apache.org>.
mynameborat merged PR #1630:
URL: https://github.com/apache/samza/pull/1630
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@samza.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [samza] perkss commented on pull request #1630: SAMZA-2758: Upgrade vulnerable versions jetty and jackson
Posted by GitBox <gi...@apache.org>.
perkss commented on PR #1630:
URL: https://github.com/apache/samza/pull/1630#issuecomment-1251121096
@mynameborat yeah tested against local jobs that I run as samples
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@samza.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [samza] perkss commented on pull request #1630: SAMZA-2758: Upgrade vulnerable versions jetty and jackson
Posted by GitBox <gi...@apache.org>.
perkss commented on PR #1630:
URL: https://github.com/apache/samza/pull/1630#issuecomment-1221383356
@Sanil15 @mynameborat can you please take a look
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@samza.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [samza] mynameborat commented on pull request #1630: SAMZA-2758: Upgrade vulnerable versions jetty and jackson
Posted by GitBox <gi...@apache.org>.
mynameborat commented on PR #1630:
URL: https://github.com/apache/samza/pull/1630#issuecomment-1245696470
@perkss Have you tested with deploying jobs on top of the existing tests?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@samza.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org