Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[CVE-2019-10255] Update py2-notebook to 5.7.8 #4836

Merged
merged 1 commit into from Apr 2, 2019
Merged

[CVE-2019-10255] Update py2-notebook to 5.7.8 #4836

merged 1 commit into from Apr 2, 2019

Conversation

smuzaffar
Copy link
Contributor

An Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.8 and some browsers (Chrome, Firefox) in JupyterHub before 0.9.6 allows crafted links to the login page, which will redirect to a malicious site after successful login. Servers running on a base_url prefix are not affected.

@smuzaffar
[CVE-2019-10255] Update py2-notebook to 5.7.8
e9a02d4 
An Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.8 and some browsers (Chrome, Firefox) in JupyterHub before 0.9.6 allows crafted links to the login page, which will redirect to a malicious site after successful login. Servers running on a base_url prefix are not affected.
@smuzaffar
Copy link
Contributor Author

please test

@cmsbuild
Copy link
Contributor

cmsbuild commented Apr 2, 2019
edited

The tests are being triggered in jenkins.
https://cmssdt.cern.ch/jenkins/job/ib-any-integration/33916/console

@cmsbuild
Copy link
Contributor

cmsbuild commented Apr 2, 2019

A new Pull Request was created by @smuzaffar (Malik Shahzad Muzaffar) for branch IB/CMSSW_10_6_X/gcc700.

@cmsbuild, @smuzaffar, @gudrutis, @mrodozov can you please review it and eventually sign? Thanks.
You can sign-off by replying to this message having '+1' in the first line of your reply.
You can reject by replying to this message having '-1' in the first line of your reply.

@cmsbuild
Copy link
Contributor

cmsbuild commented Apr 2, 2019

+1
Tested at: e9a02d4
https://cmssdt.cern.ch/SDT/jenkins-artifacts/pull-request-integration/PR-4836/33916/summary.html

@cmsbuild
Copy link
Contributor

cmsbuild commented Apr 2, 2019

Comparison job queued.

@smuzaffar
Copy link
Contributor Author

+externals
tests passed. This is not used by cmssw directly so merging it for 23h IB.

@smuzaffar smuzaffar merged commit 6187b39 into IB/CMSSW_10_6_X/gcc700 Apr 2, 2019
@cmsbuild
Copy link
Contributor

cmsbuild commented Apr 2, 2019

This pull request is fully signed and it will be integrated in one of the next IB/CMSSW_10_6_X/gcc700 IBs (tests are also fine). This pull request will now be reviewed by the release team before it's merged. @davidlange6, @slava77, @smuzaffar, @fabiocos (and backports should be raised in the release meeting by the corresponding L2)

@cmsbuild
Copy link
Contributor

cmsbuild commented Apr 2, 2019

Comparison is ready
https://cmssdt.cern.ch/SDT/jenkins-artifacts/pull-request-integration/PR-4836/33916/summary.html

Comparison Summary:

  • No significant changes to the logs found
  • Reco comparison results: 0 differences found in the comparisons
  • DQMHistoTests: Total files compared: 32
  • DQMHistoTests: Total histograms compared: 3139747
  • DQMHistoTests: Total failures: 1
  • DQMHistoTests: Total nulls: 0
  • DQMHistoTests: Total successes: 3139549
  • DQMHistoTests: Total skipped: 197
  • DQMHistoTests: Total Missing objects: 0
  • DQMHistoSizes: Histogram memory added: 0.0 KiB( 31 files compared)
  • Checked 133 log files, 14 edm output root files, 32 DQM output files

@smuzaffar smuzaffar deleted the smuzaffar-patch-6 branch April 5, 2019 10:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
comparison-available externals-approved fully-signed orp-pending tests-approved
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@smuzaffar @cmsbuild