You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@groovy.apache.org by "Remko Popma (JIRA)" <ji...@apache.org> on 2019/02/19 12:27:00 UTC
[jira] [Resolved] (GROOVY-9001) Bump picocli to 3.9.5 from 3.9.3
[ https://issues.apache.org/jira/browse/GROOVY-9001?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Remko Popma resolved GROOVY-9001.
---------------------------------
Resolution: Fixed
Fixed in master and the 2_5_X branch.
> Bump picocli to 3.9.5 from 3.9.3
> --------------------------------
>
> Key: GROOVY-9001
> URL: https://issues.apache.org/jira/browse/GROOVY-9001
> Project: Groovy
> Issue Type: Dependency upgrade
> Components: command line processing
> Affects Versions: 2.5.6
> Reporter: Remko Popma
> Assignee: Remko Popma
> Priority: Major
> Fix For: 2.5.7
>
>
> This upgrade is important: native code included in jansi-1.14 (included in Gradle 4.5.x) seems to have a bug that can crash the JVM.
> (Version details: RHEL 3.10.0-327.44.2.el7.x86_64 on Java 1.8.0_112-b15
> Java HotSpot(TM) 64-Bit Server VM (build 25.112-b15, mixed mode)).
> Picocli 3.9.5 will _only_ load jansi classes when running on Windows. Picocli versions 3.9.0 to 3.9.4 may load jansi classes when running on non-Windows platforms and are vulnerable to this problem.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)