You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@pulsar.apache.org by GitBox <gi...@apache.org> on 2022/09/21 15:11:28 UTC

[GitHub] [pulsar] tisonkun opened a new pull request, #17779: fix(sec): bump snakeyaml to 1.32 for CVE-2022-38752

tisonkun opened a new pull request, #17779:
URL: https://github.com/apache/pulsar/pull/17779

   See CVE-2022-38752.
   
   ### Documentation
   
   <!-- DO NOT REMOVE THIS SECTION. CHECK THE PROPER BOX ONLY. -->
   
   - [ ] `doc-required` 
   (Your PR needs to update docs and you will update later)
   
   - [x] `doc-not-needed` 
   (Please explain why)
   
   - [ ] `doc` 
   (Your PR contains doc changes)
   
   - [ ] `doc-complete`
   (Docs have been already added)
   
   ### Matching PR in forked repository
   
   PR in forked repository: trivial to not have one.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar] Jason918 merged pull request #17779: [fix][sec] Bump snakeyaml to 1.32 for CVE-2022-38752

Posted by GitBox <gi...@apache.org>.

Jason918 merged PR #17779:
URL: https://github.com/apache/pulsar/pull/17779


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar] tisonkun commented on pull request #17779: [fix][sec] Bump snakeyaml to 1.32 for CVE-2022-38752

Posted by GitBox <gi...@apache.org>.

tisonkun commented on PR #17779:
URL: https://github.com/apache/pulsar/pull/17779#issuecomment-1256846558

   
   /pulsarbot run-failure-checks
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar] tisonkun commented on pull request #17779: [fix][sec] Bump snakeyaml to 1.32 for CVE-2022-38752

Posted by GitBox <gi...@apache.org>.

tisonkun commented on PR #17779:
URL: https://github.com/apache/pulsar/pull/17779#issuecomment-1314682705

   @congbobo184 created at https://github.com/apache/pulsar/pull/18467.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar] tisonkun commented on pull request #17779: [fix][sec] Bump snakeyaml to 1.32 for CVE-2022-38752

Posted by GitBox <gi...@apache.org>.

tisonkun commented on PR #17779:
URL: https://github.com/apache/pulsar/pull/17779#issuecomment-1256180896

   @Jason918 you're right. Let me check and update them.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar] tisonkun commented on pull request #17779: [fix][sec] Bump snakeyaml to 1.32 for CVE-2022-38752

Posted by GitBox <gi...@apache.org>.

tisonkun commented on PR #17779:
URL: https://github.com/apache/pulsar/pull/17779#issuecomment-1256184874

   Updated.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar] congbobo184 commented on pull request #17779: [fix][sec] Bump snakeyaml to 1.32 for CVE-2022-38752

Posted by GitBox <gi...@apache.org>.

congbobo184 commented on PR #17779:
URL: https://github.com/apache/pulsar/pull/17779#issuecomment-1314659937

   could you please cherry-pick this PR to branch-2.9? thanks.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar] tisonkun commented on pull request #17779: fix(sec): bump snakeyaml to 1.32 for CVE-2022-38752

Posted by GitBox <gi...@apache.org>.

tisonkun commented on PR #17779:
URL: https://github.com/apache/pulsar/pull/17779#issuecomment-1253851861

   cc @nicoloboschi @lhotari 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar] tisonkun commented on pull request #17779: [fix][sec] Bump snakeyaml to 1.32 for CVE-2022-38752

Posted by GitBox <gi...@apache.org>.

tisonkun commented on PR #17779:
URL: https://github.com/apache/pulsar/pull/17779#issuecomment-1256122503

   /pulsarbot run-failure-checks


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar] Jason918 commented on pull request #17779: [fix][sec] Bump snakeyaml to 1.32 for CVE-2022-38752

Posted by GitBox <gi...@apache.org>.

Jason918 commented on PR #17779:
URL: https://github.com/apache/pulsar/pull/17779#issuecomment-1256147082

   @tisonkun we need to update the "LICENSE.bin.txt" files? like https://github.com/apache/pulsar/pull/17466


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org