Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix CVEs CVE-2022-42003, CVE-2021-46877, CVE-2022-42004, CVE-2020-36518 #425

Closed
wants to merge 21 commits into from
Closed

fix CVEs CVE-2022-42003, CVE-2021-46877, CVE-2022-42004, CVE-2020-36518 #425

wants to merge 21 commits into from

Conversation

rishabhbits038
Copy link

Updated com.fasterxml.jackson.core:jackson-databind to 2.13.5 to fix CVEs CVE-2022-42003, CVE-2021-46877, CVE-2022-42004, CVE-2020-36518

ragepati and others added 21 commits December 15, 2021 08:23
@ragepati
CCLOG-1308: Bump connector version to address log4j CVE (#8) (#9)
40f778c 
* CCLOG-1210: Enable Jenkins

* CCLOG-1210: Validations for Splunk access (#5)

* CCLOG-1226: Remove unnecessary logs (#6)

* CCLOG-1274: Avoid logging config, data by default (#7)

* CCLOG-1308: Bump connector version to address log4j CVE
@ragepati
CCLOG-1248: Validate Splunk host and token separately (#10)
2924560
@ragepati
CCLOG-1248: Bump up Splunk Sink connector version (#11)
dc0b459
@naveenmall11
RCCA-9576 validate in case of success response
d1e7f95
@naveenmall11
adding test
afb03b7
@naveenmall11
Merge pull request #13 from confluentinc/CCLOG-2256
0fec638 
RCCA-9576 validate in case of success response
@naveenmall11
remove logging of record value
38486af
@naveenmall11
logging kafka partition info too
d609851
@naveenmall11
Merge pull request #14 from confluentinc/CCLOG-2106
2ed7c07 
remove logging of record value.
@rishabhbits038
Added timeout to httpclient in splunk sink
e92cd79
@rishabhbits038
Merge pull request #16 from confluentinc/CC-21127
776c603 
Added timeout to httpclient in splunk sink
@rishabhbits038
Adding timeout for httpclient
5042b72
@rishabhbits038
wip
9ac6db1
@rishabhbits038
Added connection timeout and connection request timeout to http client
616ed6b
@rishabhbits038
Added connection timeout and connection request timeout to httpclient
ed1c1fd
@rishabhbits038
Merge pull request #18 from confluentinc/RCCA-15799
4fb1cba 
Adding timeout for httpclient
@rishabhbits038
Added config to disable hostname verification (#19)
5591baa 
* Added config to disable hostname verification
@rishabhbits038
Revert "Added config to disable hostname verification (#19)" (#20)
cbd3e74 
This reverts commit 5591baa.
@rishabhbits038
updated snappy-java version to 1.1.10.5 to fix CVE (#23)
bb41364 
* updated snappy.java.version to 1.1.10.4 by updating connect-plugins-parent to 0.9.23
@rishabhbits038
Fixed CVEs CVE-2022-42003, CVE-2021-46877, CVE-2022-42004, CVE-2020-3…
84079db 
…6518
@rishabhbits038
updated com.fasterxml.jackson.core:jackson-databind to 2.13.5 to fix …
e773b27 
…CVEs CVE-2022-42003, CVE-2021-46877, CVE-2022-42004, CVE-2020-36518
@rishabhbits038 rishabhbits038 deleted the CC-25618 branch March 8, 2024 10:11
@rishabhbits038 rishabhbits038 restored the CC-25618 branch March 8, 2024 10:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@rishabhbits038 @ragepati @naveenmall11