Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update Dependencies to Address CVEs #2219

Closed
aswinayyolath opened this issue Nov 8, 2024 · 0 comments · Fixed by #2220
Closed

Update Dependencies to Address CVEs #2219

aswinayyolath opened this issue Nov 8, 2024 · 0 comments · Fixed by #2220

Comments

@aswinayyolath
Copy link
Contributor

Issue description

This issue is to track the update of dependencies to address known CVEs in the following packages. Upgrading these dependencies ensures improved security and resolves any vulnerabilities that might affect the project.

Packages and CVEs

Zookeeper

Current Version: 3.8.3
Upgrade to: 3.9.3

Netty

Current Version: 4.1.100.Final
Upgrade to: 4.1.114.Final

Jetty

Current Version: 9.4.53.v20231009
Upgrade to: 9.4.56.v20240826

Nimbus JOSE+JWT

Current Version: 9.24
Upgrade to: 9.45

Upgrade the versions of the above packages to the latest versions as specified to mitigate security risks.
aswinayyolath added a commit to aswinayyolath/cruise-control that referenced this issue Nov 8, 2024
@aswinayyolath
fix: Fix CVEs
85b945c 
Update dependencies to fix CVEs: Zookeeper, Netty, Jetty, Nimbus JOSE+JWT

Contributes to: linkedin#2219

Signed-off-by: Aswin A <aswin6303@gmail.com>
@aswinayyolath aswinayyolath mentioned this issue Nov 8, 2024
Merged
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: Fix CVEs aswinayyolath/cruise-control
1 participant
@aswinayyolath