You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@jclouds.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2021/11/10 10:53:00 UTC
[jira] [Commented] (JCLOUDS-1588) Vulnerability detected in gson
<2.8.9
[ https://issues.apache.org/jira/browse/JCLOUDS-1588?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17441662#comment-17441662 ]
ASF subversion and git services commented on JCLOUDS-1588:
----------------------------------------------------------
Commit 14e92fc8c82bc47ef90a25ee219861069ecf3193 in jclouds's branch refs/heads/master from Juan Cabrerizo
[ https://gitbox.apache.org/repos/asf?p=jclouds.git;h=14e92fc ]
JCLOUDS-1588: Bump google gson to 2.8.9 due to detected vulnerability (#124)
> Vulnerability detected in gson <2.8.9
> -------------------------------------
>
> Key: JCLOUDS-1588
> URL: https://issues.apache.org/jira/browse/JCLOUDS-1588
> Project: jclouds
> Issue Type: Bug
> Reporter: Juan D. Cabrerizo
> Priority: Major
>
> Snyk identifies now the previos versions of Google gson as vulnerable. The PR updates gson to the fixed version.
> Snyk report: [https://security.snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327]
> gson PR: [google/gson#1991|https://github.com/google/gson/pull/1991]
>
> https://github.com/apache/jclouds/pull/124
--
This message was sent by Atlassian Jira
(v8.20.1#820001)