Skip to content

Update psutils to address security issue #12631

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Mar 17, 2020
Merged

Update psutils to address security issue #12631

merged 1 commit into from
Mar 17, 2020

Conversation

adbridge
Copy link
Contributor

Summary of changes

There is a security vulnerability for versions of psutils < 5.6.6. This PR upgrades mbed-os to use this version.

Impact of changes

Closes the security vulnerability.

Migration actions required

Documentation

Pull request type 

[x] Patch update (Bug fix / Target update / Docs update / Test update / Refactor)
[] Feature update (New feature / Functionality change / New API)
[] Major update (Breaking change E.g. Return code change / API behaviour change)

Test results 

[] No Tests required for this change (E.g docs only update)
[x] Covered by existing mbed-os tests (Greentea or Unittest)
[] Tests / results supplied as part of this PR

Reviewers

@adbridge
Update psutils to address security issue
6d6c119 
Needs to be at least 5.6.6
@adbridge
Copy link
Contributor Author

@madchutney @mark-edgeworth guys will this have any kind of negative impact on the tools ?

madchutney
madchutney approved these changes Mar 16, 2020
View reviewed changes
Copy link
Contributor

@madchutney madchutney left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Its 89% compatible with the earlier version according to dependabot.

mark-edgeworth
mark-edgeworth approved these changes Mar 16, 2020
View reviewed changes
Copy link
Contributor

@mark-edgeworth mark-edgeworth left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should 'only' be a patch, so should not affect functionality.

@mergify mergify bot added the needs: CI label Mar 16, 2020
@0xc0170
Copy link
Contributor

0xc0170 commented Mar 17, 2020

CI started

@mbed-ci
Copy link

mbed-ci commented Mar 17, 2020

Test run: SUCCESS

Summary: 7 of 7 test jobs passed
Build number : 1
Build artifacts

@0xc0170 0xc0170 merged commit ca7d033 into master Mar 17, 2020
@mergify mergify bot removed the ready for merge label Mar 17, 2020
@0xc0170 0xc0170 deleted the reqs branch October 5, 2021 08:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mark-edgeworth mark-edgeworth mark-edgeworth approved these changes

@0xc0170 0xc0170 0xc0170 approved these changes

@madchutney madchutney madchutney approved these changes

Assignees
No one assigned
Labels
release-version: 6.0.0-beta-1
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@adbridge @0xc0170 @mbed-ci @mark-edgeworth @madchutney