[
https://issues.apache.org/jira/browse/GROOVY-9001?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Remko Popma closed GROOVY-9001.
-------------------------------
> Bump picocli to 3.9.5 from 3.9.3
> --------------------------------
>
> Key: GROOVY-9001
> URL: https://issues.apache.org/jira/browse/GROOVY-9001
> Project: Groovy
> Issue Type: Dependency upgrade
> Components: command line processing
> Affects Versions: 2.5.6
> Reporter: Remko Popma
> Assignee: Remko Popma
> Priority: Major
> Fix For: 2.5.7
>
>
> This upgrade is important: native code included in jansi-1.14 (included in
> Gradle 4.5.x) seems to have a bug that can crash the JVM.
> (Version details: RHEL 3.10.0-327.44.2.el7.x86_64 on Java 1.8.0_112-b15
> Java HotSpot(TM) 64-Bit Server VM (build 25.112-b15, mixed mode)).
> Picocli 3.9.5 will _only_ load jansi classes when running on Windows. Picocli
> versions 3.9.0 to 3.9.4 may load jansi classes when running on non-Windows
> platforms and are vulnerable to this problem.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
