Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade SnakeYAML to v2.1 #17446

Merged
merged 1 commit into from
Sep 8, 2020
Merged

Upgrade SnakeYAML to v2.1 #17446

merged 1 commit into from
Sep 8, 2020

Conversation

kierendavies
Copy link
Contributor

Closes #17425

@ghost ghost added the Source: Community PR or issue was opened by a community user label Sep 1, 2020
@devOpsHazelcast
Copy link
Collaborator

Can one of the admins verify this patch?

@devOpsHazelcast
Copy link
Collaborator

devOpsHazelcast commented Sep 1, 2020
edited
Loading

CLA assistant check
All committers have signed the CLA.

@Holmistr Holmistr added this to the 4.1 milestone Sep 4, 2020
@hazelcast hazelcast deleted a comment from Holmistr Sep 7, 2020
@mmedenjak mmedenjak self-requested a review September 7, 2020 09:10
@mmedenjak
Copy link
Contributor

@kierendavies thank you for the fix! Can you sign the contributor agreement so we proceed with merging the fix? It should be fairly straightforward.

@kierendavies
Copy link
Contributor Author

@mmedenjak You're very welcome. I'm waiting on legal approval, but I hope to have that tomorrow.

@kierendavies
Copy link
Contributor Author

Signed 😄

mmedenjak
mmedenjak approved these changes Sep 8, 2020
View reviewed changes
Copy link
Contributor

@mmedenjak mmedenjak left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for the fix PR 🙇

@mmedenjak mmedenjak merged commit a46f841 into hazelcast:master Sep 8, 2020
@mmedenjak mmedenjak mentioned this pull request Sep 8, 2020
Closed
mmedenjak pushed a commit to mmedenjak/hazelcast that referenced this pull request Sep 8, 2020
@kierendavies @mmedenjak
Upgrade SnakeYAML to v2.1 (hazelcast#17446)
bcd3b3a 
(cherry picked from commit a46f841)
@mmedenjak mmedenjak mentioned this pull request Sep 8, 2020
Merged
mmedenjak pushed a commit to mmedenjak/hazelcast that referenced this pull request Sep 8, 2020
@kierendavies @mmedenjak
Upgrade SnakeYAML to v2.1 (hazelcast#17446)
436d838 
(cherry picked from commit a46f841)
@mmedenjak mmedenjak mentioned this pull request Sep 8, 2020
Merged
mmedenjak pushed a commit to mmedenjak/hazelcast that referenced this pull request Mar 3, 2021
@kierendavies @mmedenjak
Upgrade SnakeYAML to v2.1 (hazelcast#17446)
f6e6cd5 
(cherry picked from commit a46f841)
mmedenjak added a commit that referenced this pull request Mar 3, 2021
@mmedenjak @keith-f @kierendavies
[BACKPORT] Fixes vulnerabilities on 3.12.z (#18344)
c36cedf 
* Updated to Jackson version to address a Twistlock-reported issue: CVE-2020-24616 (#17484)

(cherry picked from commit cad3caf)

* Upgrade SnakeYAML to v2.1 (#17446)

(cherry picked from commit a46f841)

Co-authored-by: keith-f <k.s.flanagan@gmail.com>
Co-authored-by: Kieren Davies <kieren@kdavi.es>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@blazember blazember blazember approved these changes

@mmedenjak mmedenjak mmedenjak approved these changes

Assignees
No one assigned
Labels
Module: Config Source: Community PR or issue was opened by a community user Team: Core Type: Defect
Projects
None yet
Milestone
4.1
Development

Successfully merging this pull request may close these issues.

Vulnerability in dependency snakeyaml-engine v1.0
5 participants
@kierendavies @devOpsHazelcast @mmedenjak @blazember @Holmistr