highperfocused/lnd
1
0
Fork 0
mirror of https://github.com/lightningnetwork/lnd.git synced 2025-07-28 13:52:55 +02:00
Code Issues Packages Projects Releases Wiki Activity

mod: Upgraded xz library to FIX the CVE-2021-29482

Browse Source 
Included a replace directive to avoid using an high severity CVE
https://github.com/advisories/GHSA-25xm-hr59-7c27

This library is indirectly referenced and cannot be upgraded directly.

The https://github.com/fergusstrange/embedded-postgres/pull/42 was
merged to fix the CVE issue.
This commit is contained in:
naveen
2021-09-24 18:55:09 +00:00
parent 3385d38414
commit 04f57c6f57
5 changed files with 54 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
docs/release-notes/release-notes-0.14.0.md
View File

@@ -285,6 +285,8 @@ you.
* [Replace reference to JWT library with CVE](https://github.com/lightningnetwork/lnd/pull/5737)
* [Replace reference to XZ library with CVE](https://github.com/lightningnetwork/lnd/pull/5789)
* [Fixed restore backup file test flake with bitcoind](https://github.com/lightningnetwork/lnd/pull/5637).
* [Timing fix in AMP itest](https://github.com/lightningnetwork/lnd/pull/5725).