Actions
Bug #21869
closedUpdate scala-lib version due to CVE2022-36944
Status:
Released
Priority:
N/A
Assignee:
Category:
Architecture - Dependencies
Target version:
Pull Request:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
0
Name check:
To do
Fix check:
Checked
Regression:
No
Description
There is a CVE that does not look exploitable in our case but we prefer to avoid it nonetheless.
Updated by François ARMAND about 2 years ago
- Status changed from New to In progress
- Assignee set to François ARMAND
Updated by François ARMAND about 2 years ago
We also need to update silencer to 1.7.11, there is no release for scala 2.13.9 before that.
Updated by François ARMAND about 2 years ago
Ok, it will be a bit more involved than just changing number since scalac became more strict between versions.
Updated by François ARMAND about 2 years ago
- Status changed from In progress to Pending technical review
- Assignee changed from François ARMAND to Vincent MEMBRÉ
- Pull Request set to https://github.com/Normation/rudder/pull/4517
Updated by Anonymous about 2 years ago
- Status changed from Pending technical review to Pending release
Applied in changeset rudder|a85f2bc0f6782a76e55d29cc02ac93575e668bf6.
Updated by Vincent MEMBRÉ about 2 years ago
- Fix check changed from To do to Checked
Updated by Vincent MEMBRÉ about 2 years ago
This bug has been fixed in Rudder 6.2.20, 7.1.7 and 7.2.1 which were released today.
Updated by Vincent MEMBRÉ 9 months ago
- Status changed from Pending release to Released
Actions