Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade jquery to 1.6.3 due to CVE-2011-4969 #3012

Merged
merged 3 commits into from
Jul 15, 2024
Merged

Upgrade jquery to 1.6.3 due to CVE-2011-4969 #3012

merged 3 commits into from
Jul 15, 2024

Conversation

Astralidea
Copy link
Contributor

What is the purpose of the change

(For example: This pull request improves file read performance by buffering data, fixing AVRO-XXXX.)
Our security scanning software has found some security issues, so we want to update the relevant version library. Do we need to raise a JIRA issue?

Verifying this change

This change is a trivial rework / code cleanup without any test coverage.

Documentation

  • Does this pull request introduce a new feature? (no)

@github-actions github-actions bot added the Java Pull Requests for Java binding label Jul 9, 2024
@Astralidea Astralidea changed the title Upgrade jquery to 1.6.2 due to CVE-2011-4969 Upgrade jquery to 1.6.3 due to CVE-2011-4969 Jul 9, 2024
@github-actions github-actions bot added the build label Jul 9, 2024
Fokko
Fokko approved these changes Jul 15, 2024
View reviewed changes
Copy link
Contributor

@Fokko Fokko left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more. 

➜  avro-jquery curl https://raw.githubusercontent.com/apache/avro/f2d0fcf8bfafec2cc155dba2c7fd25ec028b6d16/lang/java/ipc/src/main/velocity/org/apache/avro/ipc/stats/static/jquery-1.6.3.min.js > jquery.github.js
curl https://code.jquery.com/jquery-1.6.3.min.js > jquery.cdn.js
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 91626  100 91626    0     0  1361k      0 --:--:-- --:--:-- --:--:-- 1376k
drwxr-xr-x   5 fokko.driesprong  wheel   160B Jul 15 09:22 .
drwxrwxrwt  15 root              wheel   480B Jul 15 09:21 ..
-rw-r--r--   1 fokko.driesprong  wheel    89K Jul 15 09:22 jquery.cdn.js
-rw-r--r--   1 fokko.driesprong  wheel    89K Jul 15 09:21 jquery.github.js
➜  avro-jquery diff jquery.cdn.js jquery.github.js 
➜  avro-jquery echo $?
0

@Fokko Fokko merged commit cb8610e into apache:main Jul 15, 2024
8 checks passed
@Fokko
Copy link
Contributor

Fokko commented Jul 15, 2024

Thanks @Gerrit0 for fixing this 👍

@Gerrit0
Copy link
Contributor

Gerrit0 commented Jul 15, 2024

Wasn't me this time - all credit to @Astralidea

@Fokko
Copy link
Contributor

Fokko commented Jul 15, 2024

@Gerrit0 Thank you, you popped up first, sorry for that. Thanks @Astralidea 🙌 much appreciated!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Gerrit0 Gerrit0 Gerrit0 left review comments

@martin-g martin-g martin-g approved these changes

@Fokko Fokko Fokko approved these changes

Assignees
No one assigned
Labels
build Java Pull Requests for Java binding
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@Astralidea @Fokko @Gerrit0 @martin-g