Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Backport 3.29] Fix CVE #3159

Merged
merged 1 commit into from
Jan 18, 2024
Merged

[Backport 3.29] Fix CVE #3159

merged 1 commit into from
Jan 18, 2024

Conversation

c2c-bot-gis-ci
Copy link
Contributor

Backport of #3157

    Upgrade com.amazonaws:aws-java-sdk-s3@1.12.629 to com.amazonaws:aws-java-sdk-s3@1.12.639 to fix
    ✗ Allocation of Resources Without Limits or Throttling (new) [High Severity][https://security.snyk.io/vuln/SNYK-JAVA-SOFTWAREAMAZONION-6153869] in software.amazon.ion:ion-java@1.0.2
      introduced by com.amazonaws:aws-java-sdk-s3@1.12.629 > com.amazonaws:aws-java-sdk-core@1.12.629 > software.amazon.ion:ion-java@1.0.2
@sbrunner sbrunner merged commit 5d75b11 into 3.29 Jan 18, 2024
9 of 10 checks passed
@sbrunner sbrunner deleted the backport/3157-to-3.29 branch January 18, 2024 10:52
@sbrunner sbrunner added this to the 3.29.6 milestone Sep 18, 2024
@sbrunner sbrunner added the security Security fixes label Sep 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
security Security fixes
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants