Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update msgpackr #13363

Closed
tsmaeder opened this issue Feb 7, 2024 · 0 comments · Fixed by #13365 · 4 remaining pull requests
Closed

Update msgpackr #13363

tsmaeder opened this issue Feb 7, 2024 · 0 comments · Fixed by #13365 · 4 remaining pull requests
Labels
messaging issues related to messaging
Milestone
1.47.0

Comments

@tsmaeder
Copy link
Contributor

tsmaeder commented Feb 7, 2024

Feature Description:

There is a medium sev. CVE against msgpackr (https://nvd.nist.gov/vuln/detail/CVE-2023-52079) which can be addressed by upgrading to 1.10.x.
@tsmaeder tsmaeder added the messaging issues related to messaging label Feb 7, 2024
tsmaeder added a commit to tsmaeder/theia that referenced this issue Feb 7, 2024
@tsmaeder
Upgrade msgpackr to 1.10.1. Fixes eclipse-theia#13363
04eb4f5 
Contributed on behalf of STMicroelectronics

Signed-off-by: Thomas Mäder <t.s.maeder@gmail.com>
@tsmaeder tsmaeder mentioned this issue Feb 7, 2024
Merged
1 task
tsmaeder added a commit to tsmaeder/theia that referenced this issue Feb 19, 2024
@tsmaeder
Upgrade msgpackr to 1.10.1. Fixes eclipse-theia#13363
ed51742 
Contributed on behalf of STMicroelectronics

Signed-off-by: Thomas Mäder <t.s.maeder@gmail.com>
tsmaeder added a commit that referenced this issue Feb 19, 2024
@tsmaeder
Upgrade msgpackr to 1.10.1. Fixes #13363 (#13365)
81111d1 
Contributed on behalf of STMicroelectronics

Signed-off-by: Thomas Mäder <t.s.maeder@gmail.com>
@jfaltermeier jfaltermeier added this to the 1.47.0 milestone Feb 29, 2024
This was referenced Feb 29, 2024
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
This was referenced Mar 1, 2024
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
messaging issues related to messaging
Projects
None yet
Milestone
1.47.0
2 participants
@jfaltermeier @tsmaeder