Snippets Groups Projects

Merged VidyaDharani Lokam requested to merge az/vl-fix-azure-vulnerability into master 1 year ago

Change details

upgrade jackson-databind to 2.15.2

Changes in:

GCP
Azure
AWS
IBM

Edited 1 year ago by VidyaDharani Lokam

Activity

VidyaDharani Lokam changed milestone to %M21 - Release 0.24 1 year ago

changed milestone to %M21 - Release 0.24
VidyaDharani Lokam added Azure Vulnerability Management labels 1 year ago

added Azure Vulnerability Management labels
VidyaDharani Lokam assigned to @vidya 1 year ago

assigned to @vidya
VidyaDharani Lokam added 1 commit 1 year ago
added 1 commit

21aab714 - update notice

Compare with previous version
VidyaDharani Lokam changed title from Draft: fix jackson-databind vulnerability to Draft: fix azure jackson-databind vulnerability 1 year ago

changed title from Draft: fix jackson-databind vulnerability to Draft: fix azure jackson-databind vulnerability
VidyaDharani Lokam changed the description 1 year ago

changed the description
VidyaDharani Lokam marked this merge request as ready 1 year ago

marked this merge request as ready
VidyaDharani Lokam @vidya · 1 year ago

Author Maintainer
Hello @Srinivasan_Narayanan - Kindly review and approve the vulnerability remediation MR (Azure only changes).

Pipeline all azure related jobs are passed, other failed jobs are unrelated to MR (since the changes are only in Azure).

Verified the remediation by mvn dependency:tree

Trivy container_scanning job - jackson-databind dependency is not listed in the vulnerability list

cc: @chad @nursheikh @lucynliu @thulasi_dass

Thanks!
Srinivasan Narayanan approved this merge request 1 year ago

approved this merge request
VidyaDharani Lokam mentioned in commit 7a87a07f 1 year ago

mentioned in commit 7a87a07f
VidyaDharani Lokam merged 1 year ago

merged

Please register or sign in to reply