[jira] [Updated] (FLINK-36197) bump curator-test, derby and postgres

Mon, 14 Oct 2024 10:09:05 -0700 


     [ 
https://issues.apache.org/jira/browse/FLINK-36197?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Matyas Orhidi updated FLINK-36197:
----------------------------------
    Fix Version/s: kubernetes-operator-1.10.0

> bump curator-test, derby and postgres
> -------------------------------------
>
>                 Key: FLINK-36197
>                 URL: https://issues.apache.org/jira/browse/FLINK-36197
>             Project: Flink
>          Issue Type: Improvement
>          Components: Kubernetes Operator
>    Affects Versions: kubernetes-operator-1.10.0
>            Reporter: Siddharth R
>            Priority: Major
>              Labels: pull-request-available
>             Fix For: kubernetes-operator-1.10.0
>
>
> Bump curator-test version to latest (5.7.0) to remediate the vulnerabilities 
> in the dependant packages.
> *CVE details:*
> [CVE-2024-23944|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23944]
> [CVE-2023-44981|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44981]
> [CVE-2023-43642|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43642]
> [CVE-2023-34455|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34455]
> [CVE-2023-34454|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34454]
> [CVE-2023-34453|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34453]
> [CVE-2023-2976|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2976]
> [CVE-2020-8908|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8908]
> *Package details:*
> [https://mvnrepository.com/artifact/org.apache.curator/curator-test/5.7.0]
>  
> Bump *postgresql* version to *42.5.6* to remediate a direct finding.
> *Finding details:*
> [CVE-2024-1597|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1597]
> *Package details:*
> [https://mvnrepository.com/artifact/org.postgresql/postgresql/42.5.6]
> Bump *derby* version to latest *(10.17.1.0)* to remediate direct finding.
> *Finding details:*
> [CVE-2022-46337|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46337]
> *Package details:*
> [https://mvnrepository.com/artifact/org.apache.derby/derby/10.17.1.0]



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to