Skip to content

update jose4j and corresponding license file#16078

Merged
xvrl merged 1 commit intoapache:masterfrom
janjwerner-confluent:update-jose4j
Mar 8, 2024
Merged

update jose4j and corresponding license file#16078
xvrl merged 1 commit intoapache:masterfrom
janjwerner-confluent:update-jose4j

Conversation

@janjwerner-confluent
Copy link
Copy Markdown
Contributor

@janjwerner-confluent janjwerner-confluent commented Mar 8, 2024
edited
Loading

Description

Update org.bitbucket.b_c:jose4j from 0.9.3 to 0.9.6. to resolve https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51775

This resolves #16075

This PR has:

  • been self-reviewed.
  • added documentation for new or modified features or behaviors.
  • a release note entry in the PR description.
  • added Javadocs for most classes and all non-trivial methods. Linked related entities via Javadoc links.
  • added or updated version, license, or notice information in licenses.yaml
  • added comments explaining the "why" and the intent of the code wherever would not be obvious for an unfamiliar reader.
  • added unit tests or modified existing tests to cover new code paths, ensuring the threshold for code coverage is met.
  • added integration tests.
  • been tested in a test Druid cluster.

@xvrl xvrl merged commit 834a0ad into apache:master Mar 8, 2024
@janjwerner-confluent janjwerner-confluent deleted the update-jose4j branch March 8, 2024 15:46
pagrawal10 pushed a commit to confluentinc/druid that referenced this pull request Apr 2, 2024
@janjwerner-confluent @pagrawal10
update jose4j and corresponding license file (apache#16078)
f00bc4d 
Update org.bitbucket.b_c:jose4j from 0.9.3 to 0.9.6. to resolve https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51775

fixes apache#16075
@pagrawal10 pagrawal10 mentioned this pull request Apr 2, 2024
Merged
10 tasks
pagrawal10 pushed a commit to confluentinc/druid that referenced this pull request Apr 2, 2024
@janjwerner-confluent @pagrawal10
update jose4j and corresponding license file (apache#16078)
6bc11f7 
Update org.bitbucket.b_c:jose4j from 0.9.3 to 0.9.6. to resolve https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51775

fixes apache#16075
@adarshsanjeev adarshsanjeev added this to the 30.0.0 milestone May 6, 2024
@adarshsanjeev adarshsanjeev mentioned this pull request May 28, 2024
Closed
kravii pushed a commit to acceldata-io/druid that referenced this pull request Mar 19, 2026
@janjwerner-confluent @kravii
update jose4j and corresponding license file (apache#16078)
ff8896a 
Update org.bitbucket.b_c:jose4j from 0.9.3 to 0.9.6. to resolve https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51775

fixes apache#16075

(cherry picked from commit 834a0ad)
prabhjyotsingh pushed a commit to acceldata-io/druid that referenced this pull request Mar 19, 2026
@kravii @janjwerner-confluent
update jose4j and corresponding license file (apache#16078) (#72)
89e86c3 
Update org.bitbucket.b_c:jose4j from 0.9.3 to 0.9.6. to resolve https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51775

fixes apache#16075

(cherry picked from commit 834a0ad)

Co-authored-by: Jan Werner <105367074+janjwerner-confluent@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@xvrl xvrl xvrl approved these changes

Assignees

No one assigned

Labels

Area - Dependencies

Projects

None yet

Milestone

30.0.0

Development

Successfully merging this pull request may close these issues.

3 participants

@janjwerner-confluent @xvrl @adarshsanjeev