You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@jclouds.apache.org by "Andrew Gaul (Jira)" <ji...@apache.org> on 2020/09/10 10:01:00 UTC

[jira] [Commented] (JCLOUDS-1551) Update version of OkHttp

    [ https://issues.apache.org/jira/browse/JCLOUDS-1551?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17193506#comment-17193506 ] 

Andrew Gaul commented on JCLOUDS-1551:
--------------------------------------

I created https://github.com/apache/jclouds/pull/71 to upgrade OkHttp to 2.7.5.  I had hoped that this would address a Java 8 update 1024 bit certificate incompatibility but unfortunately a newer version is required.  Unfortunately the OkHttp APIs changed quite a bit so moving to version 3 or 4 is a lot of work.

> Update version of OkHttp
> ------------------------
>
>                 Key: JCLOUDS-1551
>                 URL: https://issues.apache.org/jira/browse/JCLOUDS-1551
>             Project: jclouds
>          Issue Type: Improvement
>          Components: jclouds-drivers
>    Affects Versions: 2.2.1
>            Reporter: Konstantin Orlov
>            Priority: Major
>
> Current version of {{OkHttp}} (ver 2.2.0) has [a vulnerability of medium severity|https://nvd.nist.gov/vuln/detail/CVE-2016-2402]. It would nice to bump the version to get rid of this vulnerability.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)