cloudberry

cloudberry copied to clipboard

Reame
Issues

Upgrade PyYAML from 5.3.1 to 5.4.1

Open tuhaihe opened this issue 8 months ago • 0 comments

A vulnerability was discovered in the PyYAML library in versions before 5.4. The Rocky9 also shipped the 5.4.1 as a PyYAML stable version now.

Related vulnerability details: https://github.com/advisories/GHSA-8q59-q68h-6hv4

Fixes #ISSUE_Number

What does this PR do?

Type of Change

[ ] Bug fix (non-breaking change)
[ ] New feature (non-breaking change)
[ ] Breaking change (fix or feature with breaking changes)
[ ] Documentation update

Breaking Changes

Test Plan

[ ] Unit tests added/updated
[ ] Integration tests added/updated
[ ] Passed make installcheck
[ ] Passed make -C src/test installcheck-cbdb-parallel

Impact

Performance:

User-facing changes:

Dependencies:

Checklist

[ ] Followed contribution guide
[ ] Added/updated documentation
[ ] Reviewed code for security implications
[ ] Requested review from cloudberry committers

Additional Context

CI Skip Instructions

Apr 29 '25 08:04 tuhaihe