[
https://issues.apache.org/jira/browse/KNOX-3078?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18004067#comment-18004067
]
ASF subversion and git services commented on KNOX-3078:
-------------------------------------------------------
Commit 1ecde8dab1c606cceac11ef0d716aa6ac5542c35 in knox's branch
refs/heads/dependabot/npm_and_yarn/knox-token-generation-ui/multi-635efc449e
from Raghav-Mah3shwari
[ https://gitbox.apache.org/repos/asf?p=knox.git;h=1ecde8dab ]
KNOX-3078: Bumpup protobuf to 3.25.5 (#1050)
Co-authored-by: Raghav Maheshwari <[email protected]>
> Bumpup protobuf to 3.25.5
> -------------------------
>
> Key: KNOX-3078
> URL: https://issues.apache.org/jira/browse/KNOX-3078
> Project: Apache Knox
> Issue Type: Improvement
> Affects Versions: 1.6.0
> Reporter: Basapuram Kumar
> Priority: Major
> Time Spent: 40m
> Remaining Estimate: 0h
>
> Upgrade protobuf-java to 3.25.5 due to cve-2024-7254.
>
> CVE-2024-7254 references
> [https://nvd.nist.gov/vuln/detail/cve-2024-7254]
> [https://github.com/advisories/GHSA-735f-pc8j-v9w8]
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
