Skip to content
This repository was archived by the owner on Nov 12, 2024. It is now read-only.

fix: update log4j libs for synk issues#53

Merged
kotharironak merged 5 commits intomainfrom
update-log4j-libs
Jan 7, 2022
Merged

fix: update log4j libs for synk issues#53
kotharironak merged 5 commits intomainfrom
update-log4j-libs

Conversation

@kotharironak
Copy link
Copy Markdown
Contributor

Fixed the following issue:

Issues with no direct upgrade or patch:
  ✗ Arbitrary Code Execution [Medium Severity][https://snyk.io/vuln/SNYK-JAVA-ORGAPACHELOGGINGLOG4J-2327339] in org.apache.logging.log4j:log4j-core@2.17.0
    introduced by org.hypertrace.core.viewgenerator:view-generator-framework@0.3.9 > org.apache.logging.log4j:log4j-slf4j-impl@2.17.0 > org.apache.logging.log4j:log4j-core@2.17.0
  This issue was fixed in versions: 2.3.2, 2.12.4, 2.17.1

@kotharironak kotharironak requested review from a team, findingrish and ravisingal January 7, 2022 06:13
findingrish
findingrish previously approved these changes Jan 7, 2022
@codecov
Copy link
Copy Markdown

codecov Bot commented Jan 7, 2022

Codecov Report

Merging #53 (d62e557) into main (10cace2) will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@            Coverage Diff            @@
##               main      #53   +/-   ##
=========================================
  Coverage     61.76%   61.76%           
  Complexity       86       86           
=========================================
  Files            14       14           
  Lines           476      476           
  Branches         43       43           
=========================================
  Hits            294      294           
  Misses          163      163           
  Partials         19       19           
Flag Coverage Δ
unit 61.76% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.


Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 10cace2...d62e557. Read the comment docs.

@github-actions

This comment has been minimized.

@github-actions

This comment has been minimized.

@github-actions

This comment has been minimized.

@kotharironak kotharironak merged commit 2770149 into main Jan 7, 2022
@kotharironak kotharironak deleted the update-log4j-libs branch January 7, 2022 13:54
@github-actions
Copy link
Copy Markdown

github-actions Bot commented Jan 7, 2022

Unit Test Results

  5 files  ±0    5 suites  ±0   8s ⏱️ -1s
11 tests ±0  11 ✔️ ±0  0 💤 ±0  0 ❌ ±0 

Results for commit 2770149. ± Comparison against base commit 10cace2.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants