[
https://issues.apache.org/jira/browse/JCLOUDS-1470?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16950250#comment-16950250
]
Ignasi Barrera commented on JCLOUDS-1470:
-----------------------------------------
There are some issues like JCLOUDS-1333 round the upgrade of some of the core
dependencies of the project. That is also preventing us from upgrading to newer
Java versions.
However, this is a community project and current availability from most of the
core members is very limited and it is unlikely that we can make that happen in
a timely manner.
We would, however, be very happy to help anyone from the community that wants
to champion this and to provide any help and guidance to anyone that wants to
contribute a patch to upgrade the dependencies. Contributions are very welcome!
> Vulnarable Guava dependency dragged from jclouds-driver
> -------------------------------------------------------
>
> Key: JCLOUDS-1470
> URL: https://issues.apache.org/jira/browse/JCLOUDS-1470
> Project: jclouds
> Issue Type: Bug
> Components: jclouds-core
> Affects Versions: 2.1.1
> Reporter: Blagoi Anastasov
> Priority: Major
> Labels: guava
>
> It looks like jclouds-driver drags old(from 2014) and vulnerable guava
> dependency - 18.0.
> [https://nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Agoogle%3Aguava%3A18.0]
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
