Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update Nginx and OpenJDK versions #5405

Merged
merged 2 commits into from
Nov 15, 2021
Merged

Update Nginx and OpenJDK versions #5405

merged 2 commits into from
Nov 15, 2021

Conversation

bwesolowski
Copy link
Contributor

@bwesolowski bwesolowski commented Aug 2, 2021
edited
Loading

Signed-off-by: Bartłomiej Wesołowski bartlomiej.wesolowski@relativity.com

🔩 Description: What code changed, and why?

  • Updated Nginx version in automate-es-gateway and automate-load-balancer from 1.19.2 to 1.21.3 to fix security vulnerability

  • Updated OpenJDK version in automate-openjdk from 11.0.10 to 11.0.12 to fix security vulnerability

⛓️ Related Resources

Vulnerability ticket for Nginx: CVE-2021-23017
Vulnerability tickets for OpenJDK: CVE-2021-2161, CVE-2021-2163

Fix for #5087
Partial fix for #4703

👍 Definition of Done

👟 How to Build and Test the Change

✅ Checklist

All PRs must tick these:

With occasional exceptions, all PRs from Progress employees must tick these:

  • Is the code clear? (complicated code or lots of comments--subdivide and use well-named methods, meaningful variable names, etc.)
  • Consistency checked? (user notifications, user prompts, visual patterns, code patterns, variable names)
  • Repeated code blocks eliminated? (adapt and reuse existing components, blocks, functions, etc.)
  • Spelling, grammar, typos checked? (at a minimum use make spell in any component directory)
  • Code well-formatted? (indents, line breaks, etc. improve rather than hinder readability)

All PRs from Progress employees should tick these if appropriate:

  • Tests added/updated? (all new code needs new tests)
  • Docs added/updated? (all customer-facing changes)

Please add a note next to any checkbox above if you are NOT ticking it.

📷 Screenshots, if applicable

@netlify
Copy link

netlify bot commented Aug 2, 2021
edited
Loading

👷 Deploy Preview for chef-automate processing.

🔨 Explore the source changes: facc326

🔍 Inspect the deploy log: https://app.netlify.com/sites/chef-automate/deploys/61445c929c256e0007285d25

@bwesolowski bwesolowski marked this pull request as ready for review August 2, 2021 15:54
@bwesolowski
Copy link
Contributor Author

@kalroy and @vivek-yadav Since you're assigned to #5087 and #4703 would you mind taking a look at this PR?
Many thanks!

@bwesolowski
Copy link
Contributor Author

I updated OpenJDK to 11.0.12 since 11.0.11 also had a vulnerability.

Bartłomiej Wesołowski added 2 commits September 17, 2021 11:11
Update Nginx version to 1.21.3
58d8285 
Signed-off-by: Bartłomiej Wesołowski <bartlomiej.wesolowski@relativity.com>
Update OpenJDK version to 11.0.12
facc326 
Signed-off-by: Bartłomiej Wesołowski <bartlomiej.wesolowski@relativity.com>
@bwesolowski
Copy link
Contributor Author

I refactored the commits as there was an issue with DCO.
Please re-review and merge when you're ready.

vivekshankar1
vivekshankar1 approved these changes Nov 15, 2021
View reviewed changes
Copy link
Collaborator

@vivekshankar1 vivekshankar1 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Working properly with latest rebase from main, we can merge it. Thanks @bwesolowski

@vivek-yadav vivek-yadav merged commit 1bbe003 into chef:main Nov 15, 2021
@bwesolowski bwesolowski deleted the upgrade-nginx-and-java branch November 16, 2021 08:57
@btm btm mentioned this pull request Dec 20, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vivek-yadav vivek-yadav vivek-yadav approved these changes

@vivekshankar1 vivekshankar1 vivekshankar1 approved these changes

@kalroy kalroy Awaiting requested review from kalroy

@tas50 tas50 Awaiting requested review from tas50

Assignees
No one assigned
Labels
acceptance: verified
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@bwesolowski @tas50 @vivek-yadav @vivekshankar1 @kalroy