Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

Update all dependencies for Sunflower (R1-2025) fixing CVE-2024-29025

Description

The indirect netty update fixes this HttpPostRequestDecoder OOM vulnerability:

https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v

CSP Request Details

None

CSP Rejection Details

None

Potential Workaround

None

Checklist

hide

Activity

Show:

Charlotte Whitt March 19, 2025 at 7:23 PM

That sounds all good to me smiling face with smiling eyes

Julian Ladisch March 19, 2025 at 1:09 PM

Hi Charlotte, GitHub has the policy that the person that has opened the pull request cannot review it. Therefore I cannot review my own pull request. But I can merge it without code review.

Charlotte Whitt March 19, 2025 at 12:01 PM

Hi and - will one of you be able to do the code review so we can get the ticket closed?

Details

Assignee

Reporter

Priority

Sprint

Development Team

Thor

Release

Sunflower (R1 2025) Bug Fix

RCA Group

TBD

TestRail: Cases

Open TestRail: Cases

TestRail: Runs

Open TestRail: Runs

Created March 14, 2025 at 6:28 PM
Updated 5 days ago
TestRail: Cases
TestRail: Runs

Flag notifications