Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update to Guava 32.1.1 #184

Merged
merged 1 commit into from
Jul 27, 2023
Merged

Update to Guava 32.1.1 #184

merged 1 commit into from
Jul 27, 2023

Conversation

jimmyjames
Copy link
Contributor

@jimmyjames jimmyjames commented Jul 27, 2023

Changes

Updates the version of Guava to latest as fix for CVE-2023-2976.
We have verified the major version change shouldn't break the flow for us mentioned here

Replaces #183

References

https://nvd.nist.gov/vuln/detail/CVE-2023-2976
https://github.com/google/guava/releases/tag/v32.0.0
https://github.com/google/guava/releases/tag/v32.1.1
google/guava#6654

@jimmyjames jimmyjames requested a review from a team as a code owner July 27, 2023 21:36
Copy link
Contributor

@poovamraj poovamraj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good one Jim 👍

@jimmyjames jimmyjames merged commit e850546 into master Jul 27, 2023
@jimmyjames jimmyjames deleted the bump-guava branch July 27, 2023 22:35
@jimmyjames jimmyjames mentioned this pull request Jul 28, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants