Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[202012][Security][CVE-2022-2309] Upgrade lxml from 4.6.3 to 4.9.1 #14066

Merged
merged 1 commit into from
Mar 7, 2023
Merged

[202012][Security][CVE-2022-2309] Upgrade lxml from 4.6.3 to 4.9.1 #14066

merged 1 commit into from
Mar 7, 2023

Conversation

xumia
Copy link
Collaborator

@xumia xumia commented Mar 3, 2023
edited
Loading

Why I did it

Fix CVE-2022-2309, upgrade lxml from 4.6.3 to 4.9.1

How I did it

How to verify it

Which release branch to backport (provide reason below if selected)

  • 201811
  • 201911
  • 202006
  • 202012
  • 202106
  • 202111
  • 202205
  • 202211

Description for the changelog

Ensure to add label/tag for the feature raised. example - PR#2174 under sonic-utilities repo. where, Generic Config and Update feature has been labelled as GCU.

Link to config_db schema for YANG module changes

A picture of a cute animal (not mandatory but encouraged)

@xumia xumia requested a review from qiluo-msft March 3, 2023 07:31
@xumia xumia changed the title [202012][Security][CVE-2022-2309] Upgrade lxml from 4.6.5 to 4.9.1 [202012][Security][CVE-2022-2309] Upgrade lxml from 4.6.3 to 4.9.1 Mar 3, 2023
@xumia xumia marked this pull request as ready for review March 6, 2023 01:06
@xumia xumia mentioned this pull request Mar 6, 2023
Merged
@qiluo-msft qiluo-msft force-pushed the 202012 branch 2 times, most recently from 6fd3d83 to 06be005 Compare March 6, 2023 21:43
@xumia xumia enabled auto-merge (squash) March 7, 2023 05:02
@xumia xumia merged commit 2ca6ec4 into sonic-net:202012 Mar 7, 2023
@xumia xumia deleted the fix-lxml-202012 branch March 7, 2023 09:43
github-actions bot pushed a commit to liushilongbuaa/sonic-buildimage that referenced this pull request Aug 29, 2023
@xumia @qiluo-msft
[202012][Security][CVE-2022-2309] Upgrade lxml from 4.6.5 to 4.9.1 (s…
83b5fd3 
…onic-net#14066)

Why I did it
Fix CVE-2022-2309, upgrade lxml from 4.6.3 to 4.9.1
github-actions bot pushed a commit to liushilongbuaa/sonic-buildimage that referenced this pull request Aug 29, 2023
@xumia
Merged PR 7797859: Merge the commits from sonic-net/sonic-buildimage …
b0fd3fc 
…202012 to internal-202012

Merge the commits from sonic-net/sonic-buildimage 202012 to internal-202012

Related work items: sonic-net#279, sonic-net#2666, sonic-net#2686, sonic-net#2692, sonic-net#12684, sonic-net#13803, sonic-net#13805, sonic-net#13911, sonic-net#13926, sonic-net#13930, sonic-net#13992, sonic-net#14006, sonic-net#14009, sonic-net#14012, sonic-net#14013, sonic-net#14025, sonic-net#14056, sonic-net#14066, sonic-net#14080, sonic-net#14111, sonic-net#14137, sonic-net#14138, sonic-net#14171, sonic-net#14202, sonic-net#14205, sonic-net#14220, sonic-net#14241
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@qiluo-msft qiluo-msft qiluo-msft approved these changes

Assignees
No one assigned
Labels
Security 🛡️
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@xumia @qiluo-msft