[jira] [Commented] (DRILL-8104) Upgrade protobuf-java because of CVE-2021-22569

ASF GitHub Bot (Jira) Sat, 08 Jan 2022 07:35:05 -0800


    [ 
https://issues.apache.org/jira/browse/DRILL-8104?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17471160#comment-17471160
 ]


ASF GitHub Bot commented on DRILL-8104:
---------------------------------------

kingswanwho opened a new pull request #2425:
URL: https://github.com/apache/drill/pull/2425


   # [DRILL-8104](https://issues.apache.org/jira/browse/DRILL-8104): Upgrade 
protobuf-java because of CVE-2021-22569
   
   ## Description
   
   Upgrade protobuf-java  from version 3.11.1 to 3.16.1 because of 
CVE-2021-22569
   
   ## Documentation
   
   
https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-wrvw-hg22-4m67
   
   ## Testing
   
   Check dependency by mvn, and all dependencies of protobuf has upgraded to 
3.16.1.
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


> Upgrade protobuf-java because of CVE-2021-22569
> -----------------------------------------------
>
>                 Key: DRILL-8104
>                 URL: https://issues.apache.org/jira/browse/DRILL-8104
>             Project: Apache Drill
>          Issue Type: Bug
>            Reporter: Jingchuan Hu
>            Priority: Major
>
> https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-wrvw-hg22-4m67



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Commented] (DRILL-8104) Upgrade protobuf-java because of CVE-2021-22569

Reply via email to