Skip to content

fix(sec): upgrade com.google.protobuf:protobuf-java to 3.21.7#18763

Merged
rschlussel merged 1 commit intoprestodb:masterfrom
pen4:oscs_fix_ce6m8igau51qdhegolmg
Dec 19, 2022
Merged

fix(sec): upgrade com.google.protobuf:protobuf-java to 3.21.7#18763
rschlussel merged 1 commit intoprestodb:masterfrom
pen4:oscs_fix_ce6m8igau51qdhegolmg

Conversation

@pen4
Copy link
Contributor

@pen4 pen4 commented Dec 5, 2022

What happened?

There are 1 security vulnerabilities found in com.google.protobuf:protobuf-java 3.19.2

What did I do?

Upgrade com.google.protobuf:protobuf-java from 3.19.2 to 3.21.7 for vulnerability fix

What did you expect to happen?

Ideally, no insecure libs should be used.

The specification of the pull request

PR Specification from OSCS
Signed-off-by:pen4948453219@qq.com

@pen4 pen4 requested a review from a team as a code owner December 5, 2022 03:24
@pen4 pen4 requested a review from presto-oss December 5, 2022 03:24
@linux-foundation-easycla
Copy link

linux-foundation-easycla bot commented Dec 5, 2022
edited
Loading

CLA Signed

The committers listed above are authorized under a signed CLA.

  • ✅ login: pen4 / name: xiaokang (28ca147)

@ajaygeorge
Copy link
Contributor

ajaygeorge commented Dec 6, 2022

@pen4 Can you please sign the CLA

ajaygeorge
ajaygeorge approved these changes Dec 6, 2022
View reviewed changes
Copy link
Contributor

@ajaygeorge ajaygeorge left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@pen4
Copy link
Contributor Author

pen4 commented Dec 16, 2022

Yes,CLA signed.

@rschlussel rschlussel merged commit 05688c7 into prestodb:master Dec 19, 2022
@wanglinsong wanglinsong mentioned this pull request Jan 12, 2023
Merged
30 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ajaygeorge ajaygeorge ajaygeorge approved these changes

@rschlussel rschlussel rschlussel approved these changes

@presto-oss presto-oss Awaiting requested review from presto-oss presto-oss is a code owner automatically assigned from prestodb/committers

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@pen4 @ajaygeorge @rschlussel