Skip to content

[fix][sec] Fix transitive critical CVEs in file-system tiered storage#19957

Merged
nicoloboschi merged 2 commits into
apache:masterfrom
nicoloboschi:upgrade-hadoop
Mar 29, 2023
Merged

[fix][sec] Fix transitive critical CVEs in file-system tiered storage#19957
nicoloboschi merged 2 commits into
apache:masterfrom
nicoloboschi:upgrade-hadoop

Conversation

@nicoloboschi

@nicoloboschi nicoloboschi commented Mar 29, 2023

Copy link
Copy Markdown
Contributor

Motivation

Currently the file-system tiered storages brings in the following CVEs:

Modifications

All the above are depending from hadoop.

Verifying this change

  • Make sure that the change passes the CI checks.

Documentation

  • doc
  • doc-required
  • doc-not-needed
  • doc-complete

Matching PR in forked repository

@github-actions github-actions Bot added the doc-not-needed Your PR changes do not impact docs label Mar 29, 2023
@nicoloboschi nicoloboschi mentioned this pull request Mar 29, 2023
Closed
tisonkun
tisonkun approved these changes Mar 29, 2023
View reviewed changes

@tisonkun tisonkun left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good to go.

@nicoloboschi

nicoloboschi commented Mar 29, 2023

Copy link
Copy Markdown
Contributor Author

/pulsarbot rerun-failure-checks

@nicoloboschi nicoloboschi mentioned this pull request Mar 29, 2023
Closed
1 task
@codecov-commenter

codecov-commenter commented Mar 29, 2023
edited
Loading

Copy link
Copy Markdown

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 72.81%. Comparing base (7a99e74) to head (7f86e70).
Report is 1744 commits behind head on master.

Additional details and impacted files

Impacted file tree graph

@@              Coverage Diff              @@
##             master   #19957       +/-   ##
=============================================
+ Coverage     31.88%   72.81%   +40.93%     
- Complexity     6421    31484    +25063     
=============================================
  Files          1682     1859      +177     
  Lines        127354   136851     +9497     
  Branches      13892    15050     +1158     
=============================================
+ Hits          40601    99653    +59052     
+ Misses        80714    29275    -51439     
- Partials       6039     7923     +1884
Flag Coverage Δ
inttests 24.39% <ø> (-0.12%) ⬇️
systests 25.10% <ø> (+0.01%) ⬆️
unittests 72.08% <ø> (+54.81%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

see 1466 files with indirect coverage changes

@nicoloboschi nicoloboschi merged commit 07acdbc into apache:master Mar 29, 2023
@nicoloboschi nicoloboschi added this to the 3.0.0 milestone Mar 29, 2023
@nicoloboschi nicoloboschi self-assigned this Mar 29, 2023
@nicoloboschi nicoloboschi deleted the upgrade-hadoop branch March 30, 2023 07:11
nicoloboschi added a commit that referenced this pull request Mar 30, 2023
@nicoloboschi
[fix][sec] Fix transitive critical CVEs in file-system tiered storage (
e078c6d 
…#19957)

(cherry picked from commit 07acdbc)
nicoloboschi added a commit that referenced this pull request Mar 30, 2023
@nicoloboschi
[fix][sec] Fix transitive critical CVEs in file-system tiered storage (
14f9793 
…#19957)

(cherry picked from commit 07acdbc)
nicoloboschi added a commit to datastax/pulsar that referenced this pull request Mar 30, 2023
@nicoloboschi
[fix][sec] Fix transitive critical CVEs in file-system tiered storage (
19c6d68 
…apache#19957)

(cherry picked from commit 07acdbc)
(cherry picked from commit e078c6d)
@michaeljmarshall

michaeljmarshall commented Jun 27, 2023

Copy link
Copy Markdown
Member

As discussed on the mailing list https://lists.apache.org/thread/w4jzk27qhtosgsz7l9bmhf1t7o9mxjhp, there is no plan to release 2.9.6, so I am going to remove the release/2.9.6 label

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tisonkun tisonkun tisonkun approved these changes

Assignees

@nicoloboschi nicoloboschi

Labels

area/security area/tieredstorage cherry-picked/branch-2.10 cherry-picked/branch-2.11 doc-not-needed Your PR changes do not impact docs ready-to-test release/2.8.5 release/2.10.5 release/2.11.2

Projects

None yet

Milestone

3.0.0

Development

Successfully merging this pull request may close these issues.

4 participants

@nicoloboschi @codecov-commenter @michaeljmarshall @tisonkun