apache/celeborn
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
0860553e18
celeborn/dev
History
pengqli 0860553e18 [CELEBORN-1163] Upgrade protobuf from 3.19.2 to 3.21.7 
### What changes were proposed in this pull request?
upgrade protobuf from 3.19.2 to 3.21.7 reducing direct CVE vulnerabilities

### Why are the changes needed?

The protobuf version has the follow CVE vulnerabilities, see
https://scout.docker.com/vulnerabilities/id/CVE-2022-3510
https://scout.docker.com/vulnerabilities/id/CVE-2022-3509
https://scout.docker.com/vulnerabilities/id/CVE-2021-22570
https://scout.docker.com/vulnerabilities/id/CVE-2021-22569

### Does this PR introduce _any_ user-facing change?
No any user-facing change

### How was this patch tested?
`./build/make-distribution.sh` to package and run test on the local.

Closes #2142 from dev-lpq/upgrade_protobuf-java_version.

Authored-by: pengqli <pengqli@cisco.com>
Signed-off-by: zky.zhoukeyong <zky.zhoukeyong@alibaba-inc.com>
2023-12-16 13:58:36 +08:00
..
deps [CELEBORN-1163] Upgrade protobuf from 3.19.2 to 3.21.7 2023-12-16 13:58:36 +08:00
checkout_pr.sh [INFRA] Inroduce checkout_pr.sh shell script (#968) 2022-11-14 22:28:43 +08:00
dependencies.sh [CELEBORN-1092] Introduce JVM monitoring in Celeborn Worker using JVMQuake 2023-11-28 20:45:08 +08:00
merge_pr.py [CELEBORN-937][INFRA] Improve branch suggestion for backporting 2023-09-01 00:20:42 +08:00
reformat [CELEBORN-1105][FLINK] Support Flink 1.18 2023-11-06 15:53:39 +08:00