search

apache / incubator-heron

Apache Heron (Incubating) is a realtime, distributed, fault-tolerant stream processing engine from Twitter
https://heron.apache.org/
Apache License 2.0
3.65k stars 598 forks source link

Upgrade protobuf to 3.16.1 CVE-2021-22569 #3797

Closed thinker0 closed 2 years ago

thinker0 commented 2 years ago

Upgrade protobuf to 3.16.1 contains DoS vulnerability CVE-2021-22569, https://nvd.nist.gov/vuln/detail/CVE-2021-22569

./docker/scripts/test-unittest.sh darwin 0.20.5
INFO: Elapsed time: 1564.655s, Critical Path: 302.52s
INFO: 6146 processes: 2443 internal, 3703 local.
INFO: Build completed successfully, 6146 total actions
Test cases: finished with 1189 passing and 0 failing out of 1189 test cases

Executed 247 out of 247 tests: 247 tests pass.
INFO: Build completed successfully, 6146 total actions
Cleaning up scratch dir

Work

[v] python protobuf [v] java protobuf [v] centos7 Test

thinker0 commented 2 years ago

[v] python protobuf [v] java protobuf [v] centos7 Test

joshfischer1108 commented 2 years ago

Nice work, @thinker0. +1