Hi Devs, a user of Hyperledger Besu notified us that one of the dependencies of Tuweni (tuweni-toml) uses icu4j version 61.1, which has a vulnerability ( CVE-2018-18928). The tuweni dependency is antlr4 version 4.7.1. antlr4 version 4.9.3 is available ( https://mvnrepository.com/artifact/org.antlr/antlr4/4.9.3) which uses a newer version of icu4j. Would it be possible to get this updated and released please?
Thank you, Stefan Senior Protocol Engineer [email protected] | Brisbane, Australia We're Hiring <https://grnh.se/1f9e9cdf1us> | https://www.linkedin.com/in/stefan-pingel//
