[SERVER-56966] blackduck - Handle incorrect yaml-cpp and boost versions Created: 14/May/21  Updated: 29/Oct/23  Resolved: 03/Jun/21

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: 5.0.0-rc1, 5.1.0-rc0

Type: Bug Priority: Major - P3
Reporter: Mark Benvenuto Assignee: Mark Benvenuto
Resolution: Fixed Votes: 0
Labels: post-rc0
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Backports
Depends
Backwards Compatibility: Fully Compatible
Operating System: ALL
Backport Requested:
v5.0
Sprint: Security 2021-05-31, Security 2021-06-14
Participants:
Linked BF Score: 70

 Description   

yaml-cpp uses #.#.# but there are some entires with #.#.#.# so later needs to be filtered out

All boost versions for the last 10 years start with 1.x.x. Black Duck thinks some
version are 4.x.x which are bogus and throws off the sorting.



 Comments   
Comment by Vivian Ge (Inactive) [ 06/Oct/21 ]

Updating the fixversion since branching activities occurred yesterday. This ticket will be in rc0 when it’s been triggered. For more active release information, please keep an eye on #server-release. Thank you!

Comment by Githook User [ 02/Jun/21 ]

Author:

{'name': 'Mark Benvenuto', 'email': 'mark.benvenuto@mongodb.com', 'username': 'markbenvenuto'}

Message: SERVER-56966 blackduck - Handle incorrect yaml-cpp and boost versions

(cherry picked from commit 361d2c6b97d2e0c3cc80040e2cf555e68d185952)
Branch: v5.0
https://github.com/mongodb/mongo/commit/69564b219da39afa1143009db4e9c58d21e337fb

Comment by Githook User [ 24/May/21 ]

Author:

{'name': 'Mark Benvenuto', 'email': 'mark.benvenuto@mongodb.com', 'username': 'markbenvenuto'}

Message: SERVER-56966 blackduck - Handle incorrect yaml-cpp and boost versions
Branch: master
https://github.com/mongodb/mongo/commit/361d2c6b97d2e0c3cc80040e2cf555e68d185952

Generated at Thu Feb 08 05:40:38 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.