[
https://issues.apache.org/jira/browse/KNOX-3078?focusedWorklogId=950668&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-950668
]
ASF GitHub Bot logged work on KNOX-3078:
----------------------------------------
Author: ASF GitHub Bot
Created on: 02/Jan/25 13:53
Start Date: 02/Jan/25 13:53
Worklog Time Spent: 10m
Work Description: basapuram-kumar opened a new pull request, #974:
URL: https://github.com/apache/knox/pull/974
Bumps [protobuf-java](https://github.com/protocolbuffers/protobuf) from
3.16.3 to 3.25.5.
## What changes were proposed in this pull request?
This PR addresses the bump up the protobuf-jaav to 3.25.5, for more details
please refer the jira
[KNOX-3078](https://issues.apache.org/jira/browse/KNOX-3078)
## How was this patch tested?
This patch was tested with the protobuf-3.25.5 version on a cluster, and its
working fine as expected.
Issue Time Tracking
-------------------
Worklog Id: (was: 950668)
Remaining Estimate: 0h
Time Spent: 10m
> Bumpup protobuf to 3.25.5
> -------------------------
>
> Key: KNOX-3078
> URL: https://issues.apache.org/jira/browse/KNOX-3078
> Project: Apache Knox
> Issue Type: Improvement
> Affects Versions: 1.6.0
> Reporter: Basapuram Kumar
> Priority: Major
> Time Spent: 10m
> Remaining Estimate: 0h
>
> Upgrade protobuf-java to 3.25.5 due to cve-2024-7254.
>
> CVE-2024-7254 references
> [https://nvd.nist.gov/vuln/detail/cve-2024-7254]
> [https://github.com/advisories/GHSA-735f-pc8j-v9w8]
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
