You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@pulsar.apache.org by "tisonkun (via GitHub)" <gi...@apache.org> on 2023/04/18 08:14:01 UTC

[GitHub] [pulsar] tisonkun opened a new pull request, #20124: [fix][sec] spring.version=5.3.27 to fix CVE-2023-20863

tisonkun opened a new pull request, #20124:
URL: https://github.com/apache/pulsar/pull/20124

   See CVE-2023-20863 and https://github.com/apache/pulsar/actions/runs/4719451944/jobs/8392825486?pr=20114.
   
   ### Does this pull request potentially affect one of the following parts:
   
   <!-- DO NOT REMOVE THIS SECTION. CHECK THE PROPER BOX ONLY. -->
   
   *If the box was checked, please highlight the changes*
   
   - [x] Dependencies (add or upgrade a dependency)
   - [ ] The public API
   - [ ] The schema
   - [ ] The default values of configurations
   - [ ] The threading model
   - [ ] The binary protocol
   - [ ] The REST endpoints
   - [ ] The admin CLI options
   - [ ] The metrics
   - [ ] Anything that affects deployment
   
   ### Documentation
   
   <!-- DO NOT REMOVE THIS SECTION. CHECK THE PROPER BOX ONLY. -->
   
   - [ ] `doc` <!-- Your PR contains doc changes. -->
   - [ ] `doc-required` <!-- Your PR changes impact docs and you will update later -->
   - [x] `doc-not-needed` <!-- Your PR changes do not impact docs -->
   - [ ] `doc-complete` <!-- Docs have been already added -->
   
   ### Matching PR in forked repository
   
   PR in forked repository: <!-- ENTER URL HERE -->
   
   <!--
   After opening this PR, the build in apache/pulsar will fail and instructions will
   be provided for opening a PR in the PR author's forked repository.
   
   apache/pulsar pull requests should be first tested in your own fork since the 
   apache/pulsar CI based on GitHub Actions has constrained resources and quota.
   GitHub Actions provides separate quota for pull requests that are executed in 
   a forked repository.
   
   The tests will be run in the forked repository until all PR review comments have
   been handled, the tests pass and the PR is approved by a reviewer.
   -->
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar] tisonkun commented on pull request #20124: [fix][sec] spring.version=5.3.27 to fix CVE-2023-20863

Posted by "tisonkun (via GitHub)" <gi...@apache.org>.

tisonkun commented on PR #20124:
URL: https://github.com/apache/pulsar/pull/20124#issuecomment-1514210910

   Thanks for your reviews! Merging...


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar] tisonkun merged pull request #20124: [fix][sec] spring.version=5.3.27 to fix CVE-2023-20863

Posted by "tisonkun (via GitHub)" <gi...@apache.org>.

tisonkun merged PR #20124:
URL: https://github.com/apache/pulsar/pull/20124


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org