Bump Prometheus agent version to pick up SnakeYAML fix

jboss-openshift / cct_module

CEKit modules shared by OpenShift container images

Apache License 2.0

45 stars 79 forks source link

Bump Prometheus agent version to pick up SnakeYAML fix #387

Closed jmtd closed 3 years ago

jmtd commented 3 years ago

The new artefact contains a shaded SnakeYAML with a fix for CVE-2017-18640.

jmtd commented 3 years ago

If we want to ship this in a micro version update of the OpenJDK containers, we will also need to create a branch 0.41.x (from tag 0.41.0) and cherry-pick this over to that branch.