Fix CVE-2023-25194 in kogito-runtimes #293

baldimir · 2023-05-30T15:16:12Z

Issue: GHSA-26f8-x7cc-wqpc

kafka version used in kogito-runtimes contains this vulnerability. The version should be updated to a newer one.

Acceptance criteria:

kogito-runtimes uses kafka version not affected by this vulnerability

baldimir · 2023-05-30T15:22:32Z

PR https://github.com/kiegroup/kogito-runtimes/pull/3022

baldimir · 2023-06-02T13:51:07Z

PR merged, closing this.

baldimir self-assigned this May 30, 2023

baldimir added area:dependencies Dependency upgrade/update/migration area:engine Related to the runtime engines type:bug Something is behaving unexpectedly labels May 30, 2023

baldimir mentioned this issue May 30, 2023

[kie-issues#292,kie-issues#293,kie-issues#294] Fix of CVE-2018-10237, CVE-2023-25194, CVE-2022-34169 apache/incubator-kie-kogito-runtimes#3022

Merged

baldimir added the area:cicd Related to pipelines, automation. Community GitHub Actions or internal label Jun 1, 2023

baldimir closed this as completed Jun 2, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix CVE-2023-25194 in kogito-runtimes #293

Fix CVE-2023-25194 in kogito-runtimes #293

baldimir commented May 30, 2023

baldimir commented May 30, 2023

baldimir commented Jun 2, 2023

Fix CVE-2023-25194 in kogito-runtimes #293

Fix CVE-2023-25194 in kogito-runtimes #293

Comments

baldimir commented May 30, 2023

baldimir commented May 30, 2023

baldimir commented Jun 2, 2023