Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bumped version of Netty4 to 4.1.60.Final - CVE-2021-21290 - CWE-378 #3283

Merged
merged 1 commit into from
Mar 24, 2021
Merged

Bumped version of Netty4 to 4.1.60.Final - CVE-2021-21290 - CWE-378 #3283

merged 1 commit into from
Mar 24, 2021

Conversation

Coduz
Copy link
Contributor

@Coduz Coduz commented Mar 22, 2021

Bump version of Netty-* from 4.1.50 to 4.1.60

Related Issue
None

Description of the solution adopted
Bumped the version.

There is already a CQ from Vertx project which is under approval.
23135

Screenshots
None

Any side note on the changes made
None

@Coduz
Bumped version of Netty4 to 4.1.60.Final - CVE-2021-21290 - CWE-378
dfc470a 
Signed-off-by: Alberto Codutti <alberto.codutti@eurotech.com>
@Coduz Coduz added CQ pending This PR needs a CQ to be approved from Eclipse before merging. Dependencies PR that updates dependencies. Be on the edge! labels Mar 22, 2021
@Coduz Coduz requested a review from lorthirk March 22, 2021 16:23
@lorthirk
Copy link

CQ has been approved

@codecov
Copy link

codecov bot commented Mar 23, 2021
edited
Loading

Codecov Report

Merging #3283 (7bb4ec0) into develop (09cb809) will increase coverage by 15.67%.
The diff coverage is n/a.

❗ Current head 7bb4ec0 differs from pull request most recent head dfc470a. Consider uploading reports for the commit dfc470a to get more accurate results
Impacted file tree graph

@@              Coverage Diff               @@
##             develop    #3283       +/-   ##
==============================================
+ Coverage      25.41%   41.09%   +15.67%     
- Complexity       656      749       +93     
==============================================
  Files           1467     1467               
  Lines          29943    29943               
  Branches        2504     2504               
==============================================
+ Hits            7609    12304     +4695     
+ Misses         21733    17004     -4729     
- Partials         601      635       +34
Impacted Files Coverage Δ Complexity Δ
...a/service/device/registry/internal/DeviceImpl.java 71.11% <0.00%> (+0.74%) 0.00% <0.00%> (ø%)
...se/kapua/commons/event/jms/JMSServiceEventBus.java 23.68% <0.00%> (+0.87%) 0.00% <0.00%> (ø%)
...client/transport/TransportElasticsearchClient.java 1.61% <0.00%> (+1.61%) 0.00% <0.00%> (ø%)
...certificate/info/internal/CertificateInfoImpl.java 17.85% <0.00%> (+1.78%) 0.00% <0.00%> (ø%)
...a/org/eclipse/kapua/commons/jpa/EntityManager.java 70.90% <0.00%> (+1.81%) 0.00% <0.00%> (ø%)
...lipse/kapua/commons/metric/MetricsServiceImpl.java 69.23% <0.00%> (+1.92%) 0.00% <0.00%> (ø%)
.../device/registry/internal/DeviceRegistryCache.java 58.00% <0.00%> (+2.00%) 0.00% <0.00%> (ø%)
...a/org/eclipse/kapua/locator/guice/KapuaModule.java 83.52% <0.00%> (+2.35%) 0.00% <0.00%> (ø%)
.../broker/core/plugin/KapuaSecurityBrokerFilter.java 61.42% <0.00%> (+2.85%) 0.00% <0.00%> (ø%)
.../eclipse/kapua/kura/simulator/payload/Metrics.java 4.28% <0.00%> (+4.28%) 0.00% <0.00%> (ø%)
... and 407 more

@Coduz Coduz removed the CQ pending This PR needs a CQ to be approved from Eclipse before merging. label Mar 24, 2021
@Coduz Coduz merged commit 17a5fae into eclipse:develop Mar 24, 2021
@Coduz Coduz deleted the chng-bumpNettyVersionTo4.1.60.Final branch March 24, 2021 12:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lorthirk lorthirk lorthirk approved these changes

Assignees
No one assigned
Labels
Dependencies PR that updates dependencies. Be on the edge!
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Coduz @lorthirk