Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-48273

Backport CVE fixes from yaml-cpp v0.6.3 to v0.6.2

    • Type: Icon: Task Task
    • Resolution: Fixed
    • Priority: Icon: Major - P3 Major - P3
    • 4.4.0-rc7, 4.7.0
    • Affects Version/s: 4.5 Desired
    • Component/s: Build
    • None
    • Fully Compatible
    • Dev Platform 2020-06-01

      We had a request to upgrade yaml-cpp to 0.6.3+ to get some CVE fixes (see SERVER-44081). Unfortunately, at least one unfixed breaking change is preventing us from doing that right now (see SERVER-43980). What we will do instead is to backport the CVE fixes and then see if we can work with the devloper to get a version 0.6.4+ released that we can build against.

            Assignee:
            ryan.egesdahl@mongodb.com Ryan Egesdahl (Inactive)
            Reporter:
            ryan.egesdahl@mongodb.com Ryan Egesdahl (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: