We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
As per https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45725, CouchDB v3.3.2 has a vulnerability associated with exploiting views. Hyperledger Fabric builds are currently referring to CouchDB v3.3.2: https://github.com/hyperledger/fabric/blob/main/Makefile#L54
Expected to run CouchDB v3.3.3.
Move to CouchDB v3.3.3 in Makefile. I will provide a PR.
Yes!
The text was updated successfully, but these errors were encountered:
Proposed change here: #4595
Sorry, something went wrong.
My change didn't work, but there are two backport PRs for this:
Upgrade the CouchDB used to v3.3.3 as per CVE-2023-45725.
844e281
Tracked by #4594 Signed-off-by: Ben Smith <benjsmi@us.ibm.com>
Merged into main and backported, closing.
No branches or pull requests
Current Status
As per https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45725, CouchDB v3.3.2 has a vulnerability associated with exploiting views. Hyperledger Fabric builds are currently referring to CouchDB v3.3.2: https://github.com/hyperledger/fabric/blob/main/Makefile#L54
Expected
Expected to run CouchDB v3.3.3.
Solution
Move to CouchDB v3.3.3 in Makefile. I will provide a PR.
Please let us know if you plan to work on this.
Yes!
The text was updated successfully, but these errors were encountered: