You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@camel.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2019/01/19 12:31:00 UTC
[jira] [Work logged] (CAMEL-13083) Upgrade to latest Guava version
for Swagger dependency
[ https://issues.apache.org/jira/browse/CAMEL-13083?focusedWorklogId=187335&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-187335 ]
ASF GitHub Bot logged work on CAMEL-13083:
------------------------------------------
Author: ASF GitHub Bot
Created on: 19/Jan/19 12:30
Start Date: 19/Jan/19 12:30
Worklog Time Spent: 10m
Work Description: DariusX commented on pull request #2722: Update the version of guava used by Camel swagger (CAMEL-13083)
URL: https://github.com/apache/camel/pull/2722
To fix this vulnerability: https://github.com/google/guava/wiki/CVE-2018-10237
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
Issue Time Tracking
-------------------
Worklog Id: (was: 187335)
Time Spent: 10m
Remaining Estimate: 0h
> Upgrade to latest Guava version for Swagger dependency
> ------------------------------------------------------
>
> Key: CAMEL-13083
> URL: https://issues.apache.org/jira/browse/CAMEL-13083
> Project: Camel
> Issue Type: Improvement
> Reporter: Darius Cooper
> Priority: Minor
> Fix For: 3.0.0, 2.23.2, 2.24.0
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> Guava up to ver 24.1 has a denial of service vulnerability.
> Upgrade the camel-swagger dependency on Guava to a newer version.
> Would be nice if this could go in the 2.23.x version and above
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)