Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[fix][sec] Upgrade Zookeeper to 3.9.2 to address CVE-2024-23944 #22275

Merged
merged 1 commit into from
Mar 15, 2024
Merged

[fix][sec] Upgrade Zookeeper to 3.9.2 to address CVE-2024-23944 #22275

merged 1 commit into from
Mar 15, 2024

Conversation

lhotari
Copy link
Member

@lhotari lhotari commented Mar 15, 2024

Motivation

  • Address CVE-2024-23944 described in the announcement email.
  • based on the description, this has no direct impact for Pulsar users.
  • it's necessary to make the upgrade so that vulnerability scanning stays clean for Pulsar artifacts.

Modifications

  • upgrade Zookeeper to 3.9.2

Documentation

  • doc
  • doc-required
  • doc-not-needed
  • doc-complete

@github-actions github-actions bot added the doc-not-needed Your PR changes do not impact docs label Mar 15, 2024
@lhotari lhotari requested a review from asafm March 15, 2024 10:25
@Technoboy- Technoboy- added this to the 3.3.0 milestone Mar 15, 2024
@lhotari lhotari merged commit 2ffcf62 into apache:master Mar 15, 2024
54 of 56 checks passed
lhotari added a commit that referenced this pull request Mar 15, 2024
@lhotari
[fix][sec] Upgrade Zookeeper to 3.9.2 to address CVE-2024-23944 (#22275)
e6c7d73 
(cherry picked from commit 2ffcf62)
lhotari added a commit that referenced this pull request Mar 15, 2024
@lhotari
[fix][sec] Upgrade Zookeeper to 3.9.2 to address CVE-2024-23944 (#22275)
e3bbedf 
(cherry picked from commit 2ffcf62)
lhotari added a commit that referenced this pull request Mar 15, 2024
@lhotari
[fix][sec] Upgrade Zookeeper to 3.9.2 to address CVE-2024-23944 (#22275)
c1be06c 
(cherry picked from commit 2ffcf62)
lhotari added a commit that referenced this pull request Mar 15, 2024
@lhotari
[fix][sec] Upgrade Zookeeper to 3.9.2 to address CVE-2024-23944 (#22275)
81cbc12 
(cherry picked from commit 2ffcf62)
lhotari added a commit that referenced this pull request Mar 15, 2024
@lhotari
[fix][sec] Upgrade Zookeeper to 3.9.2 to address CVE-2024-23944 (#22275)
78d0b2e 
(cherry picked from commit 2ffcf62)

# Conflicts:
#	pom.xml
nikhil-ctds pushed a commit to datastax/pulsar that referenced this pull request Apr 3, 2024
@lhotari @nikhil-ctds
[fix][sec] Upgrade Zookeeper to 3.9.2 to address CVE-2024-23944 (apac…
ac697b8 
…he#22275)

(cherry picked from commit 2ffcf62)
(cherry picked from commit e6c7d73)
nikhil-ctds pushed a commit to datastax/pulsar that referenced this pull request Apr 4, 2024
@lhotari @nikhil-ctds
[fix][sec] Upgrade Zookeeper to 3.9.2 to address CVE-2024-23944 (apac…
28404f3 
…he#22275)

(cherry picked from commit 2ffcf62)
(cherry picked from commit e6c7d73)
nodece pushed a commit to ascentstream/pulsar that referenced this pull request May 13, 2024
@lhotari @nodece
[fix][sec] Upgrade Zookeeper to 3.9.2 to address CVE-2024-23944 (apac…
cd04ffc 
…he#22275)

(cherry picked from commit 2ffcf62)
hanmz pushed a commit to hanmz/pulsar that referenced this pull request Feb 12, 2025
@lhotari @hanmz
[fix][sec] Upgrade Zookeeper to 3.9.2 to address CVE-2024-23944 (apac…
036cce4 
…he#22275)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Technoboy- Technoboy- Technoboy- approved these changes

@eolivelli eolivelli Awaiting requested review from eolivelli

@codelipenghui codelipenghui Awaiting requested review from codelipenghui

@liangyepianzhou liangyepianzhou Awaiting requested review from liangyepianzhou

@asafm asafm Awaiting requested review from asafm

Assignees

@lhotari lhotari

Labels
area/security cherry-picked/branch-2.10 cherry-picked/branch-2.11 cherry-picked/branch-3.0 cherry-picked/branch-3.1 cherry-picked/branch-3.2 doc-not-needed Your PR changes do not impact docs ready-to-test release/2.10.7 release/2.11.5 release/3.0.4 release/3.1.4 release/3.2.2
Projects
None yet
Milestone
3.3.0
Development

Successfully merging this pull request may close these issues.
2 participants
@lhotari @Technoboy-