Loading...

XML

Word

Printable

JSON

Type: Task
Resolution: Fixed
Priority: Major - P3
Fix Version/s: 8.1.0-rc0
Affects Version/s: None
Component/s: None
Labels:
- FY2025Q4
- wins

Assigned Teams:

DevProd Build
Backwards Compatibility:
Fully Compatible
Backport Requested:

v8.0
Confidence Status:
None
Work Order:
3

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name:
None
Goal Link:
None

There is a new vulnerability in gRPC v1.59.2, CVE-2024-7246 , which is fixed in v1.59.5. We will want to upgrade gRPC before releasing it into production binaries to mitigate this CVE.

It was not reported through a VULN ticket due to an ongoing bug in Silk, but I was notified of this on DEVPROD-9869.

is depended on by

SERVER-80343 Enable building gRPC on all SSL Linux variants

Closed

is related to

SERVER-95368 Upgrade c-ares library

Closed

Assignee:: Daniel Moody
Reporter:: Erin McNulty
Participants:: Daniel Moody, Erin McNulty, Githook User
Votes:: 0 Vote for this issue
Watchers:: 3 Start watching this issue

Created:: Sep 10 2024 01:48:33 PM UTC
Updated:: Feb 05 2025 05:59:22 PM UTC
Resolved:: Jan 23 2025 05:40:46 PM UTC

Details

Description

Attachments

Issue Links

Activity

People

Dates