[jira] [Updated] (SLING-12116) Update transative google-guava dependency to version 32.1.3-jre
[ https://issues.apache.org/jira/browse/SLING-12116?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Munteanu updated SLING-12116: Fix Version/s: XSS Protection API 2.3.12 (was: XSS Protection API 2.3.10) > Update transative google-guava dependency to version 32.1.3-jre > --- > > Key: SLING-12116 > URL: https://issues.apache.org/jira/browse/SLING-12116 > Project: Sling > Issue Type: Bug > Components: XSS Protection API >Reporter: Tatyana Vogel >Assignee: Tatyana Vogel >Priority: Critical > Fix For: XSS Protection API 2.3.12 > > > The sling XSS library has a transitive dependency which embeds vulnerable > google-guava. > Upgrade to a vulnerability-free version of the embedded library is needed. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (SLING-12116) Update transative google-guava dependency to version 32.1.3-jre
[ https://issues.apache.org/jira/browse/SLING-12116?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tatyana Vogel updated SLING-12116: -- Summary: Update transative google-guava dependency to version 32.1.3-jre (was: Update transative guava dependency to version 32.1.3-jre) > Update transative google-guava dependency to version 32.1.3-jre > --- > > Key: SLING-12116 > URL: https://issues.apache.org/jira/browse/SLING-12116 > Project: Sling > Issue Type: Bug > Components: XSS Protection API >Reporter: Tatyana Vogel >Priority: Critical > > The sling XSS library has a transitive dependency which embeds vulnerable > google-guava. > Upgrade to a vulnerability-free version of the embedded library is needed. -- This message was sent by Atlassian Jira (v8.20.10#820010)