Skip to content
This repository was archived by the owner on Aug 6, 2025. It is now read-only.

Bump google gson to 2.8.9 due to detected vulnerability#124

Merged
gaul merged 1 commit intoapache:masterfrom
jcabrerizo:bump-gson-2.8.9
Nov 10, 2021
Merged

Bump google gson to 2.8.9 due to detected vulnerability#124
gaul merged 1 commit intoapache:masterfrom
jcabrerizo:bump-gson-2.8.9

Conversation

@jcabrerizo
Copy link
Copy Markdown
Contributor

@jcabrerizo jcabrerizo commented Nov 9, 2021

Snyk identifies now previos version of gson as vulnerable. This updates gson to the fixed version
skyn report: https://security.snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327
gson PR: google/gson#1991

@gaul gaul marked this pull request as ready for review November 10, 2021 00:07
@gaul
Copy link
Copy Markdown
Member

gaul commented Nov 10, 2021

Could you open a JIRA issue and tag this commit in the summary? This will ensure that the release notes include it.

@jcabrerizo
Copy link
Copy Markdown
Contributor Author

jcabrerizo commented Nov 10, 2021

Hi @gaul I created the issue: https://issues.apache.org/jira/browse/JCLOUDS-1588

@gaul gaul merged commit 14e92fc into apache:master Nov 10, 2021
@gaul
Copy link
Copy Markdown
Member

gaul commented Nov 10, 2021

Thank you for your contribution @jcabrerizo!

derekhillhp
derekhillhp reviewed Feb 23, 2022
View reviewed changes
Copy link
Copy Markdown

@derekhillhp derekhillhp left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changes look good to me.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

1 more reviewer

@derekhillhp derekhillhp derekhillhp left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jcabrerizo @gaul @derekhillhp