You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@bookkeeper.apache.org by GitBox <gi...@apache.org> on 2022/01/06 03:14:01 UTC

[GitHub] [bookkeeper] Shoothzj opened a new pull request #2976: [security] Bump bc fips version from 1.0.2 to 1.0.2.1

Shoothzj opened a new pull request #2976:
URL: https://github.com/apache/bookkeeper/pull/2976


   ### Motivation
   
   bc-fips dependency is kind of old which is released in ` Feb, 2020`. And it has direct CVE [CVE-2020-15522](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15522)
   
   
   ### Changes
   
   Bump bc fips version from 1.0.2 to 1.0.2.1
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@bookkeeper.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [bookkeeper] pkumar-singh commented on pull request #2976: [security] Bump bc fips version from 1.0.2 to 1.0.2.1

Posted by GitBox <gi...@apache.org>.

pkumar-singh commented on pull request #2976:
URL: https://github.com/apache/bookkeeper/pull/2976#issuecomment-1007845545


   @Shoothzj Regarding the test failures in PR validation: You might have to pull corresponding jar as runtime dependency here. https://github.com/apache/bookkeeper/tree/master/bookkeeper-dist 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@bookkeeper.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [bookkeeper] pkumar-singh merged pull request #2976: [security] Bump bc fips version from 1.0.2 to 1.0.2.1

Posted by GitBox <gi...@apache.org>.

pkumar-singh merged pull request #2976:
URL: https://github.com/apache/bookkeeper/pull/2976


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@bookkeeper.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [bookkeeper] Shoothzj commented on pull request #2976: [security] Bump bc fips version from 1.0.2 to 1.0.2.1

Posted by GitBox <gi...@apache.org>.

Shoothzj commented on pull request #2976:
URL: https://github.com/apache/bookkeeper/pull/2976#issuecomment-1007874808


   @pkumar-singh Thanks for your attention, fixed


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@bookkeeper.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [bookkeeper] pkumar-singh commented on pull request #2976: [security] Bump bc fips version from 1.0.2 to 1.0.2.1

Posted by GitBox <gi...@apache.org>.

pkumar-singh commented on pull request #2976:
URL: https://github.com/apache/bookkeeper/pull/2976#issuecomment-1007845545


   @Shoothzj Regarding the test failures in PR validation: You might have to pull corresponding jar as runtime dependency here. https://github.com/apache/bookkeeper/tree/master/bookkeeper-dist 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@bookkeeper.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [bookkeeper] Shoothzj commented on pull request #2976: [security] Bump bc fips version from 1.0.2 to 1.0.2.1

Posted by GitBox <gi...@apache.org>.

Shoothzj commented on pull request #2976:
URL: https://github.com/apache/bookkeeper/pull/2976#issuecomment-1007874808


   @pkumar-singh Thanks for your attention, fixed


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@bookkeeper.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org