-
Notifications
You must be signed in to change notification settings - Fork 61
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix for CVE-2023-50570(Bumping up to latest version of ipaddress library) #1339
Conversation
Signed-off-by: Mohit Kumar <[email protected]>
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #1339 +/- ##
============================================
- Coverage 76.74% 76.34% -0.40%
+ Complexity 1049 1048 -1
============================================
Files 141 141
Lines 4782 4782
Branches 526 526
============================================
- Hits 3670 3651 -19
- Misses 760 776 +16
- Partials 352 355 +3 ☔ View full report in Codecov by Sentry. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. Can you fix the PR description.
Thanks Mohit |
…ary (#1339) Signed-off-by: Mohit Kumar <[email protected]> (cherry picked from commit bfbfdc6)
The backport to
To backport manually, run these commands in your terminal: # Fetch latest updates from GitHub
git fetch
# Create a new working tree
git worktree add .worktrees/backport-2.x 2.x
# Navigate to the new working tree
cd .worktrees/backport-2.x
# Create a new branch
git switch --create backport/backport-1339-to-2.x
# Cherry-pick the merged commit of this pull request and resolve the conflicts
git cherry-pick -x --mainline 1 bfbfdc608e0ba668d658c07ff67412d854011721
# Push it to GitHub
git push --set-upstream origin backport/backport-1339-to-2.x
# Go back to the original working tree
cd ../..
# Delete the working tree
git worktree remove .worktrees/backport-2.x Then, create a pull request where the |
…ary (#1339) (#1340) Signed-off-by: Mohit Kumar <[email protected]> (cherry picked from commit bfbfdc6) Co-authored-by: Mohit Kumar <[email protected]>
The backport to
To backport manually, run these commands in your terminal: # Fetch latest updates from GitHub
git fetch
# Create a new working tree
git worktree add .worktrees/backport-1.3 1.3
# Navigate to the new working tree
cd .worktrees/backport-1.3
# Create a new branch
git switch --create backport/backport-1339-to-1.3
# Cherry-pick the merged commit of this pull request and resolve the conflicts
git cherry-pick -x --mainline 1 bfbfdc608e0ba668d658c07ff67412d854011721
# Push it to GitHub
git push --set-upstream origin backport/backport-1339-to-1.3
# Go back to the original working tree
cd ../..
# Delete the working tree
git worktree remove .worktrees/backport-1.3 Then, create a pull request where the |
The backport to
To backport manually, run these commands in your terminal: # Fetch latest updates from GitHub
git fetch
# Create a new working tree
git worktree add .worktrees/backport-1.x 1.x
# Navigate to the new working tree
cd .worktrees/backport-1.x
# Create a new branch
git switch --create backport/backport-1339-to-1.x
# Cherry-pick the merged commit of this pull request and resolve the conflicts
git cherry-pick -x --mainline 1 bfbfdc608e0ba668d658c07ff67412d854011721
# Push it to GitHub
git push --set-upstream origin backport/backport-1339-to-1.x
# Go back to the original working tree
cd ../..
# Delete the working tree
git worktree remove .worktrees/backport-1.x Then, create a pull request where the |
…ary (opensearch-project#1339) (opensearch-project#1340) Signed-off-by: Mohit Kumar <[email protected]> (cherry picked from commit bfbfdc6) Co-authored-by: Mohit Kumar <[email protected]>
Description
Bumping up to latest version of ipaddress library to fix CVE-2023-50570 mentioned below
Issues Resolved
Fixes this CVE (https://nvd.nist.gov/vuln/detail/CVE-2023-50570)
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.