Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

FISH-5811 Upgrade Apache Santuario to 2.2.3 #5505

Merged
merged 3 commits into from
Dec 3, 2021
Merged

FISH-5811 Upgrade Apache Santuario to 2.2.3 #5505

merged 3 commits into from
Dec 3, 2021

Conversation

JamesHillyard
Copy link
Member

@JamesHillyard JamesHillyard commented Nov 24, 2021
edited
Loading

Description

CVE-2021-40690 identified a security issue with Santuario versions prior to 2.2.3 and 2.1.7. This PR updates our patched repo to 2.2.3 which also can run on JDK14+

Important Info

Blockers

Requires PR in patched-src-metro-wsit to be merged: payara/patched-src-metro-wsit#11

Testing

New tests

None

Testing Performed

All unit tests. Tested server starts and admin console loads

Testing Environment

Windows 10, Maven 3.6.3, JDK 8 and JDK 17

Documentation

Community Documentation PR: payara/Payara-Community-Documentation#277

Notes for Reviewers

Webservices 2.4.3.payara-p6 hasn't been built and uploaded to nexus yet. This will be done when the blocking PR is approved.

@JamesHillyard
Upgrade Apache Santuario to 2.2.3
a8d9bdb 
Signed-off-by: JamesHillyard <james.hillyard@payara.fish>
@JamesHillyard
Copy link
Member Author

Jenkins test please

@JamesHillyard
Copy link
Member Author

Jenkins test please

@breakponchito breakponchito self-requested a review December 3, 2021 15:30
breakponchito
breakponchito approved these changes Dec 3, 2021
View reviewed changes
Copy link
Contributor

@breakponchito breakponchito left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@JamesHillyard
Copy link
Member Author

Jenkins test please

@JamesHillyard JamesHillyard merged commit 904c03a into payara:master Dec 3, 2021
@JamesHillyard JamesHillyard deleted the FISH-5811 branch December 3, 2021 19:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@breakponchito breakponchito breakponchito approved these changes

@Pandrex247 Pandrex247 Pandrex247 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@JamesHillyard @breakponchito @Pandrex247