Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix dependencies vulnerabilities (protobuf-java-3.19.4.jar in mysql:mysql-connector-java) #92

Open
if0s opened this issue Nov 3, 2022 · 2 comments
Open

Fix dependencies vulnerabilities (protobuf-java-3.19.4.jar in mysql:mysql-connector-java) #92

if0s opened this issue Nov 3, 2022 · 2 comments

Comments

@if0s
Copy link
Contributor

if0s commented Nov 3, 2022

Internal Issue/Enhancement

Description

Currently, vulnerability with protobuf-java-3.19.4.jar placed in dependencyCheck-suppression, needs to be fixed after new mysql-connector-java release
@andrewreshitko
Copy link

andrewreshitko commented Nov 3, 2022
edited
Loading

Awaiting for mysql update.
Related Slack conversation

A3a3e1 added a commit that referenced this issue Nov 14, 2022
@A3a3e1
Add mysql to grype ignore #92
28382c7
@A3a3e1 A3a3e1 mentioned this issue Nov 14, 2022
Closed
@A3a3e1
Copy link
Contributor

A3a3e1 commented Nov 14, 2022

Need to delete this grype ignore file once the vulnerability is fixed in a newer lib version
https://github.com/elasticio/jdbc-component/blob/master/.grype-ignore.yaml

https://www.notion.so/elasticio/Components-build-configuration-requirements-5c0f86032f6347f38a0607feb2308ac3#0f5e57870e104141a11c541891524a67

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@if0s @A3a3e1 @andrewreshitko