You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@jclouds.apache.org by "Ignasi Barrera (JIRA)" <ji...@apache.org> on 2018/12/05 18:41:00 UTC
[jira] [Commented] (JCLOUDS-1470) Vulnarable Guava dependency
dragged from jclouds-driver
[ https://issues.apache.org/jira/browse/JCLOUDS-1470?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16710469#comment-16710469 ]
Ignasi Barrera commented on JCLOUDS-1470:
-----------------------------------------
By default jclouds uses Guava 18 but you can safely use it with newer versions such as 19, 20 and 21 (this one doesn't support Java 7).
You can have a look at our compatibility build here to see which versions of Java, Guava and Guice are supported:
https://builds.apache.org/view/J/view/jclouds/job/jclouds-compat/
> Vulnarable Guava dependency dragged from jclouds-driver
> -------------------------------------------------------
>
> Key: JCLOUDS-1470
> URL: https://issues.apache.org/jira/browse/JCLOUDS-1470
> Project: jclouds
> Issue Type: Bug
> Components: jclouds-core
> Affects Versions: 2.1.1
> Reporter: Blagoi Anastasov
> Priority: Major
> Labels: guava
>
> It looks like jclouds-driver drags old(from 2014) and vulnerable guava dependency - 18.0.
> [https://nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Agoogle%3Aguava%3A18.0]
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)