Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How Do I Obtain the PR for Solving the CVE Vulnerability? #43966

Closed
beijishiqidu opened this issue Dec 6, 2022 · 2 comments
Closed

How Do I Obtain the PR for Solving the CVE Vulnerability? #43966

beijishiqidu opened this issue Dec 6, 2022 · 2 comments
Labels
question Question?

Comments

@beijishiqidu
Copy link

I know from this news that clickhouse has fixed the following vulnerabilities. The current version is 21.8.8.29. we need to synchronize these submission records. However, I looked around, but I couldn't find the corresponding PR. Can anyone help me?

CVE-2022-44011
CVE-2022-44010

The list above is from this article.
https://clickhouse.com/docs/en/whats-new/security-changelog/
@beijishiqidu beijishiqidu added the question Question? label Dec 6, 2022
@santrancisco
Copy link
Contributor

Hi @beijishiqidu ,
Please find below the pull requests that fix these:

CVE-2022-44010 (CapnProto): #40292
CVE-2022-44011 (HTTP chunksize issue) : #40241 . Note that the code around this has been refactored again in this commit:
e82a5d4)

@beijishiqidu
Copy link
Author

@santrancisco You're wonderful, Thank you very much, My friend,I will try it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question Question?
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@santrancisco @beijishiqidu