-
Notifications
You must be signed in to change notification settings - Fork 111
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update Nginx and OpenJDK versions #5405
Conversation
👷 Deploy Preview for chef-automate processing. 🔨 Explore the source changes: facc326 🔍 Inspect the deploy log: https://app.netlify.com/sites/chef-automate/deploys/61445c929c256e0007285d25 |
@kalroy and @vivek-yadav Since you're assigned to #5087 and #4703 would you mind taking a look at this PR? |
I updated OpenJDK to 11.0.12 since 11.0.11 also had a vulnerability. |
Signed-off-by: Bartłomiej Wesołowski <bartlomiej.wesolowski@relativity.com>
Signed-off-by: Bartłomiej Wesołowski <bartlomiej.wesolowski@relativity.com>
2ec8df1
to
facc326
Compare
I refactored the commits as there was an issue with DCO. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Working properly with latest rebase from main, we can merge it. Thanks @bwesolowski
Signed-off-by: Bartłomiej Wesołowski bartlomiej.wesolowski@relativity.com
🔩 Description: What code changed, and why?
Updated Nginx version in automate-es-gateway and automate-load-balancer from 1.19.2 to 1.21.3 to fix security vulnerability
Updated OpenJDK version in automate-openjdk from 11.0.10 to 11.0.12 to fix security vulnerability
⛓️ Related Resources
Vulnerability ticket for Nginx: CVE-2021-23017
Vulnerability tickets for OpenJDK: CVE-2021-2161, CVE-2021-2163
Fix for #5087
Partial fix for #4703
👍 Definition of Done
👟 How to Build and Test the Change
✅ Checklist
All PRs must tick these:
With occasional exceptions, all PRs from Progress employees must tick these:
make spell
in any component directory)All PRs from Progress employees should tick these if appropriate:
Please add a note next to any checkbox above if you are NOT ticking it.
📷 Screenshots, if applicable