Skip to content
This repository has been archived by the owner on Dec 23, 2024. It is now read-only.

fix(deps): update dependency ch.qos.logback:logback-core to v1.2.9 [security] #73

Merged
merged 1 commit into from
Aug 16, 2023
Merged

fix(deps): update dependency ch.qos.logback:logback-core to v1.2.9 [security] #73

merged 1 commit into from
Aug 16, 2023

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Mar 10, 2023
edited
Loading

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
ch.qos.logback:logback-core (source) 1.2.3 -> 1.2.9 age adoption passing confidence

⚠ Dependency Lookup Warnings ⚠

Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information.

GitHub Vulnerability Alerts

CVE-2021-42550

In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers.

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot changed the title Update dependency ch.qos.logback:logback-core to v1.2.9 [SECURITY] Update dependency ch.qos.logback:logback-core to v1.2.9 [SECURITY] - autoclosed Mar 27, 2023
@renovate renovate bot closed this Mar 27, 2023
@renovate renovate bot deleted the renovate/maven-ch.qos.logback-logback-core-vulnerability branch March 27, 2023 01:40
@renovate renovate bot changed the title Update dependency ch.qos.logback:logback-core to v1.2.9 [SECURITY] - autoclosed Update dependency ch.qos.logback:logback-core to v1.2.9 [SECURITY] Mar 27, 2023
@renovate renovate bot reopened this Mar 27, 2023
@renovate renovate bot restored the renovate/maven-ch.qos.logback-logback-core-vulnerability branch March 27, 2023 07:16
@renovate renovate bot changed the title Update dependency ch.qos.logback:logback-core to v1.2.9 [SECURITY] fix(deps): update dependency ch.qos.logback:logback-core to v1.2.9 [security] Apr 27, 2023
@renovate renovate bot changed the title fix(deps): update dependency ch.qos.logback:logback-core to v1.2.9 [security] Update dependency ch.qos.logback:logback-core to v1.2.9 [SECURITY] May 25, 2023
@renovate renovate bot changed the title Update dependency ch.qos.logback:logback-core to v1.2.9 [SECURITY] fix(deps): update dependency ch.qos.logback:logback-core to v1.2.9 [security] Jun 12, 2023
@renovate renovate bot force-pushed the renovate/maven-ch.qos.logback-logback-core-vulnerability branch from b128158 to f72f26e Compare August 16, 2023 20:26
@cprivitere cprivitere merged commit 98836db into main Aug 16, 2023
@cprivitere cprivitere deleted the renovate/maven-ch.qos.logback-logback-core-vulnerability branch August 16, 2023 20:28
# for free to subscribe to this conversation on GitHub. Already have an account? #.
Reviewers

@cprivitere cprivitere cprivitere approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@cprivitere