[GitHub] [beam] bvolpato commented on pull request #28656: Update Google Cloud Java Libraries BOM from 26.22.0 to 26.23.0

via GitHub Tue, 26 Sep 2023 06:49:41 -0700


bvolpato commented on PR #28656:
URL: https://github.com/apache/beam/pull/28656#issuecomment-1735578241


   ```
           json_org                                    : 
"org.json:json:20220320", // Keep in sync with everit-json-schema / 
google_cloud_platform_libraries_bom transitive deps.
   ```
   
   `everit-json-schema` and `google_cloud_platform_libraries_bom` disagree here.
   
   The current version 20220320 is in range for 
[CVE-2022-45688](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45688),
 but likely something that we can handle outside the release scope.
   
   libraries-bom transitively depends on 20230618
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

[GitHub] [beam] bvolpato commented on pull request #28656: Update Google Cloud Java Libraries BOM from 26.22.0 to 26.23.0

Reply via email to