Skip to content

[Dependencies] Upgrade libjwt to version 1.17.0. #2823

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Oct 17, 2024
Merged

[Dependencies] Upgrade libjwt to version 1.17.0. #2823

merged 3 commits into from
Oct 17, 2024

Conversation

@gmarciani
Copy link
Contributor

@gmarciani gmarciani commented Oct 15, 2024
edited
Loading

Description of changes

Upgrade libjwt to version 1.17.0 to address vulnerability CVE-2024-25189.
Also added a spec test to cover the overall libjwt installation.

Tests

AL2 AMI successfully built.

References

  • Link to impacted open issues.
  • Link to related PRs in other packages (i.e. cookbook, node).
  • Link to documentation useful to understand the changes.

Checklist

  • Make sure you are pointing to the right branch.
  • If you're creating a patch for a branch other than develop add the branch name as prefix in the PR title (e.g. [release-3.6]).
  • Check all commits' messages are clear, describing what and why vs how.
  • Make sure to have added unit tests or integration tests to cover the new/modified code.
  • Check if documentation is impacted by this change.

Please review the guidelines for contributing and Pull Request Instructions.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@gmarciani gmarciani added dependencies Pull requests that update a dependency file 3.x Security labels Oct 15, 2024
@gmarciani gmarciani force-pushed the wip/mgiacomo/3.11.1/upgrade-libjwt-1015-1 branch 4 times, most recently from a2f96aa to 51338f6 Compare October 15, 2024 20:02
@gmarciani gmarciani changed the title [Dependencies] Upgrade libjwt to version 1.17.2 to address vulnerability CVE-2024-25189 [Dependencies] Upgrade libjwt to version 1.17.0 to address vulnerability CVE-2024-25189 Oct 15, 2024
@gmarciani gmarciani marked this pull request as ready for review October 16, 2024 13:15
@gmarciani gmarciani requested review from a team as code owners October 16, 2024 13:15
@gmarciani
[Dependencies] Upgrade libjwt to version 1.17.0.
5863e23 
Signed-off-by: Giacomo Marciani <mgiacomo@amazon.com>
@gmarciani
[Test] Add spec test to cover libjwt installation.
cd88b58 
Signed-off-by: Giacomo Marciani <mgiacomo@amazon.com>
@gmarciani gmarciani force-pushed the wip/mgiacomo/3.11.1/upgrade-libjwt-1015-1 branch from 51338f6 to cd88b58 Compare October 16, 2024 17:20
@gmarciani gmarciani mentioned this pull request Oct 16, 2024
Merged
@gmarciani gmarciani enabled auto-merge (rebase) October 17, 2024 09:57
@gmarciani gmarciani changed the title [Dependencies] Upgrade libjwt to version 1.17.0 to address vulnerability CVE-2024-25189 [Dependencies] Upgrade libjwt to version 1.17.0. Oct 17, 2024
@gmarciani gmarciani merged commit 4f18801 into aws:release-3.11 Oct 17, 2024
28 of 30 checks passed
@gmarciani gmarciani deleted the wip/mgiacomo/3.11.1/upgrade-libjwt-1015-1 branch October 17, 2024 10:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@enrico-usai enrico-usai enrico-usai approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

3.x dependencies Pull requests that update a dependency file Security

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@gmarciani @enrico-usai