Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update dependencies to mitigate scanner-detected vulnerabilities #266

Closed
wants to merge 2 commits into from
Closed

Update dependencies to mitigate scanner-detected vulnerabilities #266

wants to merge 2 commits into from

Conversation

robmoore-i
Copy link

@robmoore-i robmoore-i commented Oct 3, 2024
edited
Loading

Hi folks,

I don't know if this naive change actually works by itself, but if it does and it's not too much trouble, could you publish a new version that mitigates this vulnerability? It's marked in scanners as 'critical' which makes it a bit problematic for us to use.

The Grafana vulnerability in question: https://grafana.com/security/security-advisories/cve-2024-8986/

@robmoore-i
Update grafana-plugin-sdk-go to mitigate CVE-2024-8986
833ba30 
Hi folks,

I don't know if this naive change actually works by itself, but if it does and it's not too much trouble, could you publish a new version that mitigates this vulnerability? It's marked in scanners as 'critical' which makes it a bit problematic for us to use.

See: https://grafana.com/security/security-advisories/cve-2024-8986/
@cla-bot cla-bot
Copy link

cla-bot bot commented Oct 3, 2024

Thank you for your pull request and welcome to the Trino community. We require contributors to sign our Contributor License Agreement, and we don't seem to have you on file. Continue to work with us on the review and improvements in this PR, and submit the signed CLA to [email protected]. Photos, scans, or digitally-signed PDF files are all suitable. Processing may take a few days. The CLA needs to be on file before we merge your changes. For more information, see https://github.com/trinodb/cla

@cla-bot cla-bot
Copy link

cla-bot bot commented Oct 3, 2024

Thank you for your pull request and welcome to the Trino community. We require contributors to sign our Contributor License Agreement, and we don't seem to have you on file. Continue to work with us on the review and improvements in this PR, and submit the signed CLA to [email protected]. Photos, scans, or digitally-signed PDF files are all suitable. Processing may take a few days. The CLA needs to be on file before we merge your changes. For more information, see https://github.com/trinodb/cla

@robmoore-i robmoore-i changed the title Update grafana-plugin-sdk-go to mitigate CVE-2024-8986 Update dependencies to mitigate scanner-detected vulnerabilities Oct 3, 2024
@robmoore-i
Copy link
Author

Closing in favour of #244

@robmoore-i robmoore-i closed this Oct 4, 2024
@robmoore-i robmoore-i deleted the patch-1 branch October 4, 2024 04:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@robmoore-i