Uploaded image for project: 'HBase'
  1. HBase
  2. HBASE-27585

Bump up jruby to 9.3.9.0 and related joni and jcodings to 2.1.43 and 1.0.57 respectively

    XMLWordPrintableJSON

Details

    • Reviewed

    Description

      Bump up Jruby to 9.3.9.0 to ensure compliance which has multiple CVEs fixed related to openssl,snakeyaml etc.

      • rdoc has been updated to 6.3.3 to fix all known CVEs. (#7396#7404)
      • rexml has been updated to 3.2.5 to fix all known CVEs. (#7395#7405)
      • jruby-openssl has been updated to 0.14.0 to fix weak HMAC key hashing in bouncycastle, which itself is updated to 1.71. (#7335#7385#7399)
      • psych has been updated to 3.3.4 to fix CVE-2022-38752 in the SnakeYAML library, which itself is updated to 1.33. (#7386#7388#7400)
      • rubygems has been updated to 3.2.33 and bundler updated to 2.2.33 to address CVE-2021-43809. (#7397#7401)

      Attachments

        Issue Links

          links to

          Web Link GitHub Pull Request #4992

          Activity

            People

              rajeshbabu Rajeshbabu Chintaguntla
              rajeshbabu Rajeshbabu Chintaguntla
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: