Remko Popma created GROOVY-9001:
-----------------------------------
Summary: Bump picocli to 3.9.5 from 3.9.3
Key: GROOVY-9001
URL: https://issues.apache.org/jira/browse/GROOVY-9001
Project: Groovy
Issue Type: Dependency upgrade
Components: command line processing
Affects Versions: 2.5.6
Reporter: Remko Popma
Assignee: Remko Popma
Fix For: 2.5.7
This upgrade is important: native code included in jansi-1.14 (included in
Gradle 4.5.x) seems to have a bug that can crash the JVM.
(Version details: RHEL 3.10.0-327.44.2.el7.x86_64 on Java 1.8.0_112-b15
Java HotSpot(TM) 64-Bit Server VM (build 25.112-b15, mixed mode)).
Picocli 3.9.5 will _only_ load jansi classes when running on Windows. Picocli
versions 3.9.0 to 3.9.4 may load jansi classes when running on non-Windows
platforms and are vulnerable to this problem.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
