Bump aiohttp to 3.8.5 to fix CVE-2023-37276 #2016

vavsab · 2023-09-12T16:38:54Z

Github issues should be used for bugs and feature requests. Use Stack Overflow for general "how-to" questions.

Version

4.14.4

Describe the bug

Need to bump aiohttp in botbuilder-integration-aiohttp to 3.8.5 to fix CVE-2023-37276

To Reproduce

N/A

Expected behavior

N/A

Screenshots

N/A

Additional context

N/A

microsoft#2016

vavsab · 2023-10-03T11:49:20Z

Repo is dead. Applied fixes inside of the fork.

vavsab added bug Indicates an unexpected problem or an unintended behavior. needs-triage The issue has just been created and it has not been reviewed by the team. labels Sep 12, 2023

vavsab mentioned this issue Sep 12, 2023

chore: Bump aiohttp from 3.8.4 to 3.8.5 in /libraries/botbuilder-integration-aiohttp #2010

Merged

vavsab added a commit to vavsab/botbuilder-python that referenced this issue Sep 12, 2023

Bump aiohttp to 3.8.5 to fix CVE

8069638

microsoft#2016

This was referenced Sep 12, 2023

Bump aiohttp to 3.8.5 to fix CVE #2017

Closed

Bump aiohttp to 3.8.5 to fix CVE mapped/botbuilder-python#1

Merged

vavsab closed this as completed Oct 3, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump aiohttp to 3.8.5 to fix CVE-2023-37276 #2016

Bump aiohttp to 3.8.5 to fix CVE-2023-37276 #2016

vavsab commented Sep 12, 2023

vavsab commented Oct 3, 2023

Bump aiohttp to 3.8.5 to fix CVE-2023-37276 #2016

Bump aiohttp to 3.8.5 to fix CVE-2023-37276 #2016

Comments

vavsab commented Sep 12, 2023

Github issues should be used for bugs and feature requests. Use Stack Overflow for general "how-to" questions.

Version

Describe the bug

To Reproduce

Expected behavior

Screenshots

Additional context

vavsab commented Oct 3, 2023