Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update Libs & Vulnerability fixes #2617

Merged
merged 8 commits into from
Apr 15, 2024
Merged

Update Libs & Vulnerability fixes #2617

merged 8 commits into from
Apr 15, 2024

Conversation

tesshucom
Copy link
Owner

@tesshucom tesshucom commented Apr 15, 2024
edited

Some libraries and very minor security fixes. This pull request will reduce the vulnerability count of Jpsonic's Alpine Docker image to zero. (According to analysis by Docker Scout.)

Bump openssl to 3.1.4-r6

Remove AV1 encoder temporarily

Perhaps this problem will go away after some time. In that case, the current restraint measures would be lifted.

snyk-bot and others added 8 commits March 24, 2024 06:55
@snyk-bot @tesshucom
Bump jetty-ee10-apache-jsp from 12.0.6 to 12.0.7
db7cc2f 
fix: upgrade org.eclipse.jetty.ee10:jetty-ee10-apache-jsp from 12.0.6 to 12.0.7

Snyk has created this PR to upgrade org.eclipse.jetty.ee10:jetty-ee10-apache-jsp from 12.0.6 to 12.0.7.

See this package in Maven Repository:
https://mvnrepository.com/artifact/org.eclipse.jetty.ee10/jetty-ee10-apache-jsp/

See this project in Snyk:
https://app.snyk.io/org/tesshucom/project/fc1dbd6e-8f4e-4f04-b3ef-6e32f1e70172?utm_source=github&utm_medium=referral&page=upgrade-pr

fmt
@tesshucom
Remove AV1 encoder
561782f 
 - GHSA-c827-hfw6-qwvm
@tesshucom
Bump openssl to 3.1.4-r6
a268643 
 - CVE-2024-2511
@snyk-bot @tesshucom
Bump postgresql from 42.7.2 to 42.7.3
2b148ea 
fix: upgrade org.postgresql:postgresql from 42.7.2 to 42.7.3

Snyk has created this PR to upgrade org.postgresql:postgresql from 42.7.2 to 42.7.3.

See this package in Maven Repository:
https://mvnrepository.com/artifact/org.postgresql/postgresql/

See this project in Snyk:
https://app.snyk.io/org/tesshucom/project/fc1dbd6e-8f4e-4f04-b3ef-6e32f1e70172?utm_source=github&utm_medium=referral&page=upgrade-pr
@snyk-bot @tesshucom
Bump jaxb-runtime from 4.0.4 to 4.0.5
1585711 
fix: upgrade org.glassfish.jaxb:jaxb-runtime from 4.0.4 to 4.0.5

Snyk has created this PR to upgrade org.glassfish.jaxb:jaxb-runtime from 4.0.4 to 4.0.5.

See this package in Maven Repository:
https://mvnrepository.com/artifact/org.glassfish.jaxb/jaxb-runtime/

See this project in Snyk:
https://app.snyk.io/org/tesshucom/project/fc1dbd6e-8f4e-4f04-b3ef-6e32f1e70172?utm_source=github&utm_medium=referral&page=upgrade-pr
@tesshucom
Update Libs
552efe8
@tesshucom
Merge branch 'hotfix' into release
d175cae
@tesshucom
Version iterate
f62c2d1
@tesshucom tesshucom added type: dependency-upgrade A dependency upgrade type: hotfix Should be in patch release instead of next version release labels Apr 15, 2024
@tesshucom tesshucom added this to the jpsonic 114.1 milestone Apr 15, 2024
@tesshucom tesshucom self-assigned this Apr 15, 2024
@tesshucom tesshucom merged commit fc45b78 into master Apr 15, 2024
3 checks passed
@tesshucom tesshucom deleted the release branch April 15, 2024 17:46
@tesshucom tesshucom mentioned this pull request May 19, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@tesshucom tesshucom

Labels
type: dependency-upgrade A dependency upgrade type: hotfix Should be in patch release instead of next version release
Projects
None yet
Milestone
jpsonic 114.1
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@tesshucom @snyk-bot