-
Notifications
You must be signed in to change notification settings - Fork 198
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update dependency apache-airflow to v2.9.2 [SECURITY] #4502
Update dependency apache-airflow to v2.9.2 [SECURITY] #4502
Conversation
f132456
to
407349d
Compare
f236727
to
2613855
Compare
2613855
to
289a188
Compare
Accidentally approved this while looking at the issue, disregard. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Built and tested locally, this required one fix to unpin a requirement that had dipped below the Airflow constraints.
Edited/Blocked NotificationRenovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR. You can manually request rebase by checking the rebase/retry box above. |
This PR contains the following updates:
==2.9.1
->==2.9.2
GitHub Vulnerability Alerts
CVE-2024-25142
Use of Web Browser Cache Containing Sensitive Information vulnerability in Apache Airflow.
Airflow did not return "Cache-Control" header for dynamic content, which in case of some browsers could result in potentially storing sensitive data in local cache of the browser.
This issue affects Apache Airflow: before 2.9.2.
Users are recommended to upgrade to version 2.9.2, which fixes the issue.
Release Notes
apache/airflow (apache-airflow)
v2.9.2
Compare Source
Significant Changes
^^^^^^^^^^^^^^^^^^^
No significant changes.
Bug Fixes
"""""""""
AirflowSecurityManagerV2
leave transactions in theidle in transaction
state (#39935)SafeDogStatsdLogger
to useget_validator
to enable pattern matching (#39370)has_access
(#39421)execution_date
in@apply_lineage
(#39327)sql_alchemy_engine_args
config example (#38971)Miscellaneous
"""""""""""""
yandex
provider to avoidmypy
errors (#39990)provider_info_cache
decorator (#39750)defer
(#39742)idx_last_scheduling_decision
ondag_run
table (#39275)Doc Only Changes
""""""""""""""""
CronDataIntervalTimetable
(#39780)Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Renovate Bot.