You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pulsar.apache.org by GitBox <gi...@apache.org> on 2022/04/01 20:20:56 UTC
[GitHub] [pulsar] nicoloboschi opened a new pull request #14998: [fix][security] Upgrade MySQL client to 8.0.28 to get rid of CVE-2021-3711
nicoloboschi opened a new pull request #14998:
URL: https://github.com/apache/pulsar/pull/14998
### Motivation
OWASP check fails due to
```
Error: Failed to execute goal org.owasp:dependency-check-maven:6.1.6:aggregate (default) on project pulsar:
Error:
Error: One or more dependencies were identified with vulnerabilities that have a CVSS score greater than or equal to '7.0':
Error:
Error: mysql-connector-java-8.0.27.jar: CVE-2021-3711
```
### Modifications
* Upgrade MySQL client to 8.0.28. It's used only in debezium-mysql connector.
- [x] `no-need-doc`
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [pulsar] HQebupt commented on pull request #14998: [fix][security] Upgrade MySQL client to 8.0.28 to get rid of CVE-2021-3711
Posted by GitBox <gi...@apache.org>.
HQebupt commented on pull request #14998:
URL: https://github.com/apache/pulsar/pull/14998#issuecomment-1086559012
/pulsarbot rerun-failure-checks
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [pulsar] nicoloboschi commented on pull request #14998: [fix][security] Upgrade MySQL client to 8.0.28 to get rid of CVE-2021-3711
Posted by GitBox <gi...@apache.org>.
nicoloboschi commented on pull request #14998:
URL: https://github.com/apache/pulsar/pull/14998#issuecomment-1086368974
/pulsarbot rerun-failure-checks
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org