[SERVER-48273] Backport CVE fixes from yaml-cpp v0.6.3 to v0.6.2 Created: 18/May/20 Updated: 29/Oct/23 Resolved: 20/May/20 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Build |
| Affects Version/s: | 4.5 Desired |
| Fix Version/s: | 4.4.0-rc7, 4.7.0 |
| Type: | Task | Priority: | Major - P3 |
| Reporter: | Ryan Egesdahl (Inactive) | Assignee: | Ryan Egesdahl (Inactive) |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||
| Backwards Compatibility: | Fully Compatible | ||||||||||||
| Sprint: | Dev Platform 2020-06-01 | ||||||||||||
| Participants: | |||||||||||||
| Description |
|
We had a request to upgrade yaml-cpp to 0.6.3+ to get some CVE fixes (see |
| Comments |
| Comment by Githook User [ 20/May/20 ] |
|
Author: {'name': 'Ryan Egesdahl', 'email': 'ryan.egesdahl@mongodb.com', 'username': 'deriamis'}Message: Backport the following yaml-cpp CVE fixes from version 0.6.3 to version 0.6.2:
Also, backport one fix from 0.6.3 for failing VS2017 builds. We were previously downloading a source archive for yaml-cpp. To support (cherry picked from commit 1845ea31140161354ff6308296bde3436d0bd5f9) |
| Comment by Githook User [ 20/May/20 ] |
|
Author: {'name': 'Ryan Egesdahl', 'email': 'ryan.egesdahl@mongodb.com', 'username': 'deriamis'}Message: Backport the following yaml-cpp CVE fixes from version 0.6.3 to version 0.6.2:
Also, backport one fix from 0.6.3 for failing VS2017 builds. We were previously downloading a source archive for yaml-cpp. To support |