upgrade CXF to v3.4.3 #1210
Merged
upgrade CXF to v3.4.3 #1210
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: C.J. Jameson <cjcjameson@gmail.com>
vrozov
approved these changes
May 29, 2021
There was a problem hiding this comment.
OK to upgrade with note that CVE-2021-22696 does not impact cxf-rt-rs-security-jose used by the security plugin
|
@peterzhuamazon @debjanibnrj @hardik-k-shah can one of you also approve? |
hardik-k-shah
approved these changes
Jun 14, 2021
|
@vrozov @hardik-k-shah thanks for the approval. Who can be an official second approver? |
lbreinig
pushed a commit
to lbreinig/security
that referenced
this pull request
Dec 23, 2021
Signed-off-by: C.J. Jameson <cjcjameson@gmail.com>
wuychn
pushed a commit
to ochprince/security
that referenced
this pull request
Mar 16, 2023
Signed-off-by: C.J. Jameson <cjcjameson@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Maintenance
#1208
upgrade CXF to v3.4.3
According to https://github.com/opensearch-project/.github/edit/main/SECURITY.md , I'm not supposed to say.
What is the old behavior before changes and new behavior after changes? (Please add any example/logs/screen-shot if available)
Testing done: (Please provide details of testing done: Unit testing, integration testing and manual testing)
mvn packageon my local machineTO-DOs, if any: (Please describe pending items and provide Github issues# for each of them)
Is it backport from main branch? (If yes, please add backport PR # and commits #)
By making a contribution to this project, I certify that:
(a) The contribution was created in whole or in part by me and I
have the right to submit it under the open source license
indicated in the file; or
(b) The contribution is based upon previous work that, to the best
of my knowledge, is covered under an appropriate open source
license and I have the right under that license to submit that
work with modifications, whether created in whole or in part
by me, under the same open source license (unless I am
permitted to submit under a different license), as indicated
in the file; or
(c) The contribution was provided directly to me by some other
person who certified (a), (b) or (c) and I have not modified
it.
(d) I understand and agree that this project and the contribution
are public and that a record of the contribution (including all
personal information I submit with it, including my sign-off) is
maintained indefinitely and may be redistributed consistent with
this project or the open source license(s) involved.
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.