Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade required dependencies in kernel upon pre-release security scans #1246

Closed
rmsamitha opened this issue Jan 12, 2023 · 3 comments
Closed

Upgrade required dependencies in kernel upon pre-release security scans #1246

rmsamitha opened this issue Jan 12, 2023 · 3 comments
Assignees
@msm1992
Labels
Priority/High Type/Task
Milestone
4.2.0-Beta

Comments

@rmsamitha
Copy link

Description

Need to upgrade the 3rd party dependencies in carbon-kernel after the pre-4.2.0 (APIM) release security scans, upon scan report analysis recommendations.

Affected Component

APIM

Version

No response

Related Issues

No response

Suggested Labels

No response
@rmsamitha rmsamitha added this to the 4.2.0-Beta milestone Jan 12, 2023
@rmsamitha
Copy link
Author

@npamudika please track this to do this as a part of the dependency upgrade effort.

@npamudika npamudika mentioned this issue Jan 12, 2023
Closed
This was referenced Jan 23, 2023
Closed
Closed
@msm1992 msm1992 mentioned this issue Jan 27, 2023
Closed
@npamudika npamudika assigned msm1992 and unassigned npamudika Jan 31, 2023
@npamudika
Copy link

Kernel version upgrade for beta - wso2/carbon-kernel#3501

@msm1992
Copy link

msm1992 commented Feb 2, 2023

Following third party dependencies were upgraded in kernel 4.8.x as part of the pre-release security scans.

[1]. jackson-databind : wso2/carbon-kernel#3494
[2]. tomcat : wso2/carbon-kernel#3475
[3]. jsoup : wso2/carbon-kernel#3492
[4]. jettison : wso2/carbon-kernel#3498

Following PRs were sent to upgrade kernel version in APIM 4.2.0

[1]. wso2/carbon-apimgt#11830
[2]. wso2/product-apim#13119

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@msm1992 msm1992

Labels
Priority/High Type/Task
Projects
None yet
Milestone
4.2.0-Beta
Development

No branches or pull requests
3 participants
@rmsamitha @npamudika @msm1992