optimize: upgrade protobuf version from 3.25.4 to 3.25.5 #7202
Conversation
funky-eyes
added
first-time contributor
changes/en-us/2.x.md
Outdated
| - [[#7150](https://github.com/apache/incubator-seata/pull/7150)] The time difference between the raft node and the follower node cannot synchronize data | ||
| - [[#7102](https://github.com/apache/incubator-seata/pull/7150)] bugfix: modify XA mode pre commit transaction from commit phase to before close phase | ||
| - [[#7188](https://github.com/apache/incubator-seata/pull/7188)] bugfix: Fix missing branchType in BusinessActionContext | ||
| - [[#7201](https://github.com/apache/incubator-seata/issues/7201)] bugfix: update protobuf.version from 3.25.4 to 3.25.5 to resolve potential DoS issue |
There was a problem hiding this comment.
I think this PR belongs to the security category. What do you think?
Thanks to these contributors for their code commits. Please report an unintended omission.
There was a problem hiding this comment.
Yes, that makes sense. I have updated the change log
There was a problem hiding this comment.
IMHO, @funky-eyes ’ suggestion makes sense.
@s-ramyalakshmi
please add changes in below file too :)
https://github.com/apache/incubator-seata/blob/2.x/changes/zh-cn/2.x.md
There was a problem hiding this comment.
@YongGoose Thanks for letting me know. I have added changes to zh-cn folder as well.
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## 2.x #7202 +/- ##
============================================
- Coverage 51.69% 51.66% -0.03%
+ Complexity 6841 6837 -4
============================================
Files 1169 1169
Lines 41585 41585
Branches 4871 4871
============================================
- Hits 21496 21486 -10
- Misses 18041 18050 +9
- Partials 2048 2049 +1 🚀 New features to boost your workflow:
|
slievrly
left a comment
slievrly
left a comment
There was a problem hiding this comment.
Thanks for your contribution! It's great to see Seata becoming a global open source community.
slievrly
changed the title
|
Hi, Would rebuilding help in passing the check? |
|
If you're using the DingTalk app, please send your DingTalk account to my email at |
I have sent you an email. Thank you! |
I apologize for the late reply, but I've searched through my inbox and couldn't find any email from you. I'm quite confused about this. Would you mind sending the email again? |
5 participants
Ⅰ. Describe what this PR did
Resolved potential Denial of Service issue of protobuf-java by upgrading the version from 3.25.4 to 3.25.5.
Ⅱ. Does this pull request fix one issue?
fixes #7201
Ⅲ. Why don't you add test cases (unit test/integration test)?
N/A
Ⅳ. Describe how to verify it
Ⅴ. Special notes for reviews