Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Updating dependency for new VTK release to remove vulnerability #326

Merged
merged 1 commit into from
Aug 31, 2023

Conversation

raph-luc
Copy link
Member

New VTK release candidate finally available

Closes #289

@raph-luc raph-luc marked this pull request as ready for review August 30, 2023 18:50
@raph-luc raph-luc force-pushed the maint/vtk-vulnerability branch from 316d3f2 to d10494b Compare August 30, 2023 18:53
@mkundu1
Copy link
Collaborator

mkundu1 commented Aug 30, 2023

Shall we wait till the final 9.3.0 release (Sep 8) - https://discourse.vtk.org/t/vtk-9-3-0-release-cycle/11598/5?

@raph-luc
Copy link
Member Author

Good question, I thought it'd be best to update ASAP to get rid of the vulnerability and not wait until the final release comes out with its potential long delays (considering rc2 should've come out August 11 and was set for June 22 before that, and still hasn't been released, seems like there may be quite a delay). It doesn't look like this release candidate is breaking any tests here.

I think that if the vulnerabilities aren't causing any significant issues/concerns right now on our side, we may as well wait if you prefer.

@mkundu1
Copy link
Collaborator

mkundu1 commented Aug 30, 2023

Good question, I thought it'd be best to update ASAP to get rid of the vulnerability and not wait until the final release comes out with its potential long delays (considering rc2 should've come out August 11 and was set for June 22 before that, and still hasn't been released, seems like there may be quite a delay). It doesn't look like this release candidate is breaking any tests here.

I think that if the vulnerabilities aren't causing any significant issues/concerns right now on our side, we may as well wait if you prefer.

Thanks for the details. Yeah, the updated timetable also seems to be getting delayed. So, let's merge this now. We would also need to do a release.

@raph-luc raph-luc merged commit ec8df87 into main Aug 31, 2023
@raph-luc raph-luc deleted the maint/vtk-vulnerability branch August 31, 2023 12:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Update VTK dependencies for CVE-2022-37434
4 participants