public/grafana
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
07bfa602f26419649f2938ac027ae596d78b0aec
grafana/pkg/storage
T
History
Mariell Hoversholm 07bfa602f2 App Platform: Pin bleve to fix CVE-2022-31022 (#102513) 
This pins Bleve to a soon-to-be v2.5.0 commit.

Fixes CVE-2022-31022. We can unpin when v2.5.0 releases (likely March 25th).
We do not need any new features or similar, though there are some fixes that are nice to receive.

We will **not** backport this fix as we aren't actually vulnerable to anything via CVE-2022-31022; we never use its code, nor does Bleve. The reason we are fixing this is to get Trivy to stop complaining.

Fixes: #97439
2025-03-20 11:19:57 +01:00
..
legacysql
fix(unified-storage): use new context for background operations (#102518)
2025-03-20 11:15:13 +01:00
secret/metadata
SecretsManager: Bootstrap API service (#102444)
2025-03-19 13:41:29 +01:00
unified
App Platform: Pin bleve to fix CVE-2022-31022 (#102513)
2025-03-20 11:19:57 +01:00