Skip to content

fix (druid): CVE-2024-36114 #926

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 6 commits into from
Nov 12, 2024
Merged

fix (druid): CVE-2024-36114 #926

merged 6 commits into from
Nov 12, 2024

Conversation

@maltesander
Copy link
Member

@maltesander maltesander commented Nov 11, 2024
edited by siegfriedweber
Loading

Description

Fix CVE-2024-36114 in Druid 26.0.0 and 30.0.0 by upgrading a dependency.

part of stackabletech/vulnerabilities#834

Definition of Done Checklist

  • Not all of these items are applicable to all PRs, the author should update this template to only leave the boxes in that are relevant
  • Please make sure all these things are done and tick the boxes
- [ ] Changes are OpenShift compatible
- [ ] All added packages (via microdnf or otherwise) have a comment on why they are added
- [ ] Things not downloaded from Red Hat repositories should be mirrored in the Stackable repository and downloaded from there
- [ ] All packages should have (if available) signatures/hashes verified
- [ ] Add an entry to the CHANGELOG.md file
- [x] Integration tests ran successfully
TIP: Running integration tests with a new product image

The image can be built and uploaded to the kind cluster with the following commands:

bake --product <product> --image-version <stackable-image-version>
kind load docker-image <image-tagged-with-the-major-version> --name=<name-of-your-test-cluster>

See the output of bake to retrieve the image tag for <image-tagged-with-the-major-version>.

@maltesander maltesander requested a review from a team November 11, 2024 08:37
@maltesander maltesander self-assigned this Nov 11, 2024
siegfriedweber
siegfriedweber requested changes Nov 11, 2024
View reviewed changes
@maltesander @siegfriedweber
Update CHANGELOG.md
a54aaa7 
Co-authored-by: Siegfried Weber <[email protected]>
siegfriedweber
siegfriedweber previously approved these changes Nov 12, 2024
View reviewed changes
@maltesander maltesander added this pull request to the merge queue Nov 12, 2024
Merged via the queue into main with commit e570124 Nov 12, 2024
2 checks passed
@maltesander maltesander deleted the fix/druid/CVE-2024-36114 branch November 12, 2024 10:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@siegfriedweber siegfriedweber siegfriedweber approved these changes

Assignees

@maltesander maltesander

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@maltesander @siegfriedweber