Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[release/7.0-staging] Zlib: Update zlib to v1.2.13, intel-zlib to v1.2.13_jtk #89517

Merged
merged 5 commits into from
Jul 27, 2023
Merged

[release/7.0-staging] Zlib: Update zlib to v1.2.13, intel-zlib to v1.2.13_jtk #89517

merged 5 commits into from
Jul 27, 2023

Conversation

github-actions[bot]
Copy link
Contributor

@github-actions github-actions bot commented Jul 26, 2023
edited by GrabYourPitchforks
Loading

Backport of #84602 to release/7.0-staging

/cc @GrabYourPitchforks

Customer Impact

We're getting reports of compliance tooling flagging our distribution of zlib. (And we've gotten flagged internally by Component Governance on this.) While there are no current CVEs affecting how we use zlib, upgrading to the latest version will silence these alerts and restore the compliance status.

Testing

We have a full suite of unit tests and performance tests. Additionally, this change has been baking in the 8.0 preview branches for several months. No regressions have yet been reported.

Risk

Medium-low. Servicing a dependency always carries the risk of introducing new bugs. However, skimming through https://github.com/madler/zlib/commits/develop, I don't see any recent changes which indicate that 1.2.13 introduces serious bugs that needed addressing.

IMPORTANT: If this backport is for a servicing release, please verify that:

  • The PR target branch is release/X.0-staging, not release/X.0.

  • If the change touches code that ships in a NuGet package, you have added the necessary package authoring and gotten it explicitly reviewed.

@ghost
Copy link

ghost commented Jul 26, 2023

Tagging subscribers to this area: @dotnet/area-infrastructure-libraries
See info in area-owners.md if you want to be subscribed.

Issue Details

Backport of #84602 to release/7.0-staging

/cc @GrabYourPitchforks

Customer Impact

Testing

Risk

IMPORTANT: If this backport is for a servicing release, please verify that:

  • The PR target branch is release/X.0-staging, not release/X.0.

  • If the change touches code that ships in a NuGet package, you have added the necessary package authoring and gotten it explicitly reviewed.

Author: github-actions[bot]
Assignees: -
Labels:

area-Infrastructure-libraries
Milestone: -

@ghost
Copy link

ghost commented Jul 26, 2023

Tagging subscribers to this area: @dotnet/area-system-io-compression
See info in area-owners.md if you want to be subscribed.

Issue Details

Backport of #84602 to release/7.0-staging

/cc @GrabYourPitchforks

Customer Impact

Testing

Risk

IMPORTANT: If this backport is for a servicing release, please verify that:

  • The PR target branch is release/X.0-staging, not release/X.0.

  • If the change touches code that ships in a NuGet package, you have added the necessary package authoring and gotten it explicitly reviewed.

Author: github-actions[bot]
Assignees: -
Labels:

area-System.IO.Compression
Milestone: -

@GrabYourPitchforks GrabYourPitchforks added the Servicing-consider Issue for next servicing release review label Jul 26, 2023
@carlossanlop carlossanlop removed the Servicing-consider Issue for next servicing release review label Jul 26, 2023
carlossanlop
carlossanlop approved these changes Jul 26, 2023
View reviewed changes
Copy link
Member

@carlossanlop carlossanlop left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved. Pending verifying the CI and getting Tactics approval.

@carlossanlop
Copy link
Member

Please add the servicing-consider label once you fill out the template.

@build-analysis build-analysis bot mentioned this pull request Jul 26, 2023
Closed
@carlossanlop carlossanlop added the Servicing-consider Issue for next servicing release review label Jul 26, 2023
@carlossanlop carlossanlop added this to the 7.0.x milestone Jul 26, 2023
@carlossanlop carlossanlop added Servicing-approved Approved for servicing release and removed Servicing-consider Issue for next servicing release review labels Jul 27, 2023
@carlossanlop carlossanlop modified the milestones: 7.0.x, 7.0.11 Jul 27, 2023
@carlossanlop carlossanlop merged commit a00d6ad into release/7.0-staging Jul 27, 2023
171 of 182 checks passed
@carlossanlop carlossanlop deleted the backport/pr-84602-to-release/7.0-staging branch July 27, 2023 01:32
@radical radical mentioned this pull request Aug 3, 2023
Closed
@ghost ghost locked as resolved and limited conversation to collaborators Aug 26, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@carlossanlop carlossanlop carlossanlop approved these changes

Assignees

@GrabYourPitchforks GrabYourPitchforks

Labels
area-System.IO.Compression Servicing-approved Approved for servicing release
Projects
None yet
Milestone
7.0.11
Development

Successfully merging this pull request may close these issues.
2 participants
@carlossanlop @GrabYourPitchforks