You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@jclouds.apache.org by "Ignasi Barrera (JIRA)" <ji...@apache.org> on 2018/12/05 18:41:00 UTC

[jira] [Commented] (JCLOUDS-1470) Vulnarable Guava dependency dragged from jclouds-driver

    [ https://issues.apache.org/jira/browse/JCLOUDS-1470?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16710469#comment-16710469 ] 

Ignasi Barrera commented on JCLOUDS-1470:
-----------------------------------------

By default jclouds uses Guava 18 but you can safely use it with newer versions such as 19, 20 and 21 (this one doesn't support Java 7).
You can have a look at our compatibility build here to see which versions of Java, Guava and Guice are supported:
https://builds.apache.org/view/J/view/jclouds/job/jclouds-compat/

> Vulnarable Guava dependency dragged from jclouds-driver
> -------------------------------------------------------
>
>                 Key: JCLOUDS-1470
>                 URL: https://issues.apache.org/jira/browse/JCLOUDS-1470
>             Project: jclouds
>          Issue Type: Bug
>          Components: jclouds-core
>    Affects Versions: 2.1.1
>            Reporter: Blagoi Anastasov
>            Priority: Major
>              Labels: guava
>
> It looks like jclouds-driver drags old(from 2014) and vulnerable guava dependency - 18.0.
> [https://nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Agoogle%3Aguava%3A18.0]



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)