Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade XStream to 1.4.20 #3446

Merged
merged 1 commit into from
Mar 12, 2023
Merged

Upgrade XStream to 1.4.20 #3446

merged 1 commit into from
Mar 12, 2023

Conversation

wborn
Copy link
Member

@wborn wborn commented Mar 12, 2023
edited
Loading

This addresses CVE-2022-40151 and CVE-2022-41966, see:

https://x-stream.github.io/changes.html#1.4.20

This version also fixes an issue with closing streams so the workaround in GenerateDefaultTranslationsMojoTest is no longer needed.

@wborn
Upgrade XStream to 1.4.20
77789a4 
This addresses CVE-2022-40151 and CVE-2022-41966, see:

https://x-stream.github.io/changes.html#1.4.20

This version also fixes an issue with closing streams so the workaround in GenerateDefaultTranslationsMojoTest is no longer needed.

Signed-off-by: Wouter Born <github@maindrain.net>
@wborn wborn added dependencies Pull requests that update a dependency file security labels Mar 12, 2023
@wborn wborn requested a review from a team as a code owner March 12, 2023 09:41
@wborn wborn mentioned this pull request Mar 12, 2023
Closed
@wborn
Copy link
Member Author

wborn commented Mar 12, 2023

Are there issues with the website @openhab/foundation-staff ?

The build failed due to:

Caused by: java.io.IOException: Server returned HTTP response code: 521 for URL: https://openhab.org/schemas/config-description-1.0.0.xsd
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream0 (HttpURLConnection.java:1997)
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream (HttpURLConnection.java:1589)
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream (HttpsURLConnectionImpl.java:224)

J-N-K
J-N-K approved these changes Mar 12, 2023
View reviewed changes
Copy link
Member

@J-N-K J-N-K left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

521 seems to be an cloudflare error.

@J-N-K J-N-K added rebuild Triggers the Jenkins PR build and removed rebuild Triggers the Jenkins PR build labels Mar 12, 2023
@J-N-K J-N-K merged commit 0c792ec into openhab:main Mar 12, 2023
@wborn wborn deleted the xstream-1.4.20 branch March 12, 2023 11:23
@wborn wborn added this to the 4.0 milestone Mar 12, 2023
wborn added a commit to wborn/openhab-addons that referenced this pull request Mar 12, 2023
@wborn
Resolve runbundles and fix tests
fd8bfb4 
Related to:

* openhab/openhab-core#3446
* openhab/openhab-core#3450

Some tests were updated because private lifecycle methods (annotated with @BeforeAll, @afterall, @beforeeach, or @AfterEach) now lead to an exception.

See: https://junit.org/junit5/docs/current/release-notes/index.html#deprecations-and-breaking-changes-3

Signed-off-by: Wouter Born <github@maindrain.net>
@wborn wborn mentioned this pull request Mar 12, 2023
Merged
wborn added a commit to wborn/openhab-addons that referenced this pull request Mar 12, 2023
@wborn
Resolve runbundles and fix tests
7b72ebf 
Related to:

* openhab/openhab-core#3433
* openhab/openhab-core#3446
* openhab/openhab-core#3450

Some tests were updated because private lifecycle methods (annotated with @BeforeAll, @afterall, @beforeeach, or @AfterEach) now lead to an exception.

See: https://junit.org/junit5/docs/current/release-notes/index.html#deprecations-and-breaking-changes-3

Signed-off-by: Wouter Born <github@maindrain.net>
wborn added a commit to wborn/openhab-distro that referenced this pull request Mar 12, 2023
@wborn
Resolve app.bndrun runbundles for HTTP/2 support and XStream upgrade
3ed5b67 
Related to:

* openhab/openhab-core#3433
* openhab/openhab-core#3446

Signed-off-by: Wouter Born <github@maindrain.net>
@wborn wborn mentioned this pull request Mar 12, 2023
Merged
kaikreuzer pushed a commit to openhab/openhab-addons that referenced this pull request Mar 12, 2023
@wborn
Resolve runbundles and fix tests (#14588)
9aa72ab 
Related to:

* openhab/openhab-core#3433
* openhab/openhab-core#3446
* openhab/openhab-core#3450

Some tests were updated because private lifecycle methods (annotated with @BeforeAll, @afterall, @beforeeach, or @AfterEach) now lead to an exception.

See: https://junit.org/junit5/docs/current/release-notes/index.html#deprecations-and-breaking-changes-3

Signed-off-by: Wouter Born <github@maindrain.net>
kaikreuzer pushed a commit to openhab/openhab-distro that referenced this pull request Mar 12, 2023
@wborn
Resolve app.bndrun runbundles for HTTP/2 support and XStream upgrade (#…
191c972 
…1482)

Related to:

* openhab/openhab-core#3433
* openhab/openhab-core#3446

Signed-off-by: Wouter Born <github@maindrain.net>
renescherer pushed a commit to renescherer/openhab-addons that referenced this pull request Mar 23, 2023
@wborn @renescherer
Resolve runbundles and fix tests (openhab#14588)
72290c9 
Related to:

* openhab/openhab-core#3433
* openhab/openhab-core#3446
* openhab/openhab-core#3450

Some tests were updated because private lifecycle methods (annotated with @BeforeAll, @afterall, @beforeeach, or @AfterEach) now lead to an exception.

See: https://junit.org/junit5/docs/current/release-notes/index.html#deprecations-and-breaking-changes-3

Signed-off-by: Wouter Born <github@maindrain.net>
FordPrfkt pushed a commit to FordPrfkt/openhab-addons that referenced this pull request Apr 20, 2023
@wborn @FordPrfkt
Resolve runbundles and fix tests (openhab#14588)
1386cb9 
Related to:

* openhab/openhab-core#3433
* openhab/openhab-core#3446
* openhab/openhab-core#3450

Some tests were updated because private lifecycle methods (annotated with @BeforeAll, @afterall, @beforeeach, or @AfterEach) now lead to an exception.

See: https://junit.org/junit5/docs/current/release-notes/index.html#deprecations-and-breaking-changes-3

Signed-off-by: Wouter Born <github@maindrain.net>
splatch pushed a commit to ConnectorIO/copybara-hab-core that referenced this pull request Jul 12, 2023
@wborn @splatch
Upgrade XStream to 1.4.20 (openhab#3446)
c927cb3 
This addresses CVE-2022-40151 and CVE-2022-41966, see:

https://x-stream.github.io/changes.html#1.4.20

This version also fixes an issue with closing streams so the workaround in GenerateDefaultTranslationsMojoTest is no longer needed.

Signed-off-by: Wouter Born <github@maindrain.net>
GitOrigin-RevId: 0c792ec
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@J-N-K J-N-K J-N-K approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file security
Projects
None yet
Milestone
4.0
Development

Successfully merging this pull request may close these issues.
2 participants
@wborn @J-N-K