Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrading libthrift to a newer version, security vulnerabilities #363

Open
jospint opened this issue Mar 28, 2023 · 1 comment
Open

Upgrading libthrift to a newer version, security vulnerabilities #363

jospint opened this issue Mar 28, 2023 · 1 comment

Comments

@jospint
Copy link

jospint commented Mar 28, 2023
edited
Loading

Hi there,

Are there any plans to upgrade Scrooge (and by extension, Finagle) to a newer version of libthrift? The version currently supported is 0.10.0, released in February 2017 and it is affected by 5 security vulnerabilities.

EDIT: Snyk created a pull request for it in January: #357
@rtyley
Copy link

rtyley commented Mar 12, 2024

Snyk created a pull request for it in January: #357

Note that this PR was an automated one that didn't update '0.10.0 all the right places - #367 is a fuller attempt.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@rtyley @jospint