Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[submodule] Update submodule HEAD for sonic-mgmt-framework and sonic-telemetry #13112

Merged
merged 3 commits into from
Feb 7, 2023
Merged

[submodule] Update submodule HEAD for sonic-mgmt-framework and sonic-telemetry #13112

merged 3 commits into from
Feb 7, 2023

Conversation

liushilongbuaa
Copy link
Contributor

@liushilongbuaa liushilongbuaa commented Dec 20, 2022
edited
Loading

Why I did it

golang lib xmlquery v1.2.1 has critical security issue. MS Component Governance created an alert.
Update submodule HEAD to fix CG alert about CVE-2020-25614

How I did it

sonic-mgmt-framework

a72d9ee Fix CG alert CVE-2020-25614 about xmlquery v1.2.1 (#91)

sonic-telemetrey

727aefd Fix CG alert CVE-2020-25614 about xmlquery v1.2.1 (#107)

How to verify it

Which release branch to backport (provide reason below if selected)

  • 201811
  • 201911
  • 202006
  • 202012
  • 202106
  • 202111
  • 202205
  • 202211

Description for the changelog

Ensure to add label/tag for the feature raised. example - PR#2174 under sonic-utilities repo. where, Generic Config and Update feature has been labelled as GCU.

Link to config_db schema for YANG module changes

A picture of a cute animal (not mandatory but encouraged)

@liushilongbuaa
Copy link
Contributor Author

/azpw run Azure.sonic-buildimage

@mssonicbld
Copy link
Collaborator

/AzurePipelines run Azure.sonic-buildimage

@azure-pipelines
Copy link

Azure Pipelines successfully started running 1 pipeline(s).

@xumia
Copy link
Collaborator

xumia commented Dec 21, 2022

/azp run Azure.sonic-buildimage

@azure-pipelines
Copy link

Azure Pipelines successfully started running 1 pipeline(s).

@lguohan
Copy link
Collaborator

lguohan commented Jan 3, 2023

@qiluo-msft , this is submodule update, can you check and approve?

yxieca
yxieca reviewed Feb 1, 2023
View reviewed changes
.gitmodules Show resolved Hide resolved
yxieca
yxieca previously requested changes Feb 1, 2023
View reviewed changes
Copy link
Contributor

@yxieca yxieca left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why are you linking telmetry to gnmi?

qiluo-msft
qiluo-msft reviewed Feb 1, 2023
View reviewed changes
.gitmodules Show resolved Hide resolved
qiluo-msft
qiluo-msft reviewed Feb 1, 2023
View reviewed changes
.gitmodules Show resolved Hide resolved
@yxieca yxieca self-requested a review February 2, 2023 18:31
@qiluo-msft qiluo-msft dismissed yxieca’s stale review February 2, 2023 18:37

Offline discussed, and Ying will not request changes.

@yxieca yxieca merged commit 37922d5 into sonic-net:202205 Feb 7, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@qiluo-msft qiluo-msft qiluo-msft approved these changes

@lguohan lguohan Awaiting requested review from lguohan lguohan is a code owner

@ganglyu ganglyu Awaiting requested review from ganglyu

@yxieca yxieca Awaiting requested review from yxieca

@xumia xumia Awaiting requested review from xumia

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@liushilongbuaa @mssonicbld @xumia @lguohan @qiluo-msft @yxieca @ganglyu