subject:"\[GitHub\] \[drill\] ssainz commented on issue #2260\: CVE\-2020\-8908 in Guava v.28.2\-jre, should upgrade to v.30.1.1"

[GitHub] [drill] ssainz commented on issue #2260: CVE-2020-8908 in Guava v.28.2-jre, should upgrade to v.30.1.1

2022-06-18 Thread GitBox

ssainz commented on issue #2260: URL: https://github.com/apache/drill/issues/2260#issuecomment-1159488084 Hi - the shared guava seems is still 28.2, then not fixed yet ~ https://github.com/apache/drill/blob/master/pom.xml#L52 ``` 28.2-jre ``` -- This is an automated

[GitHub] [drill] ssainz commented on issue #2260: CVE-2020-8908 in Guava v.28.2-jre, should upgrade to v.30.1.1

2021-06-18 Thread GitBox

ssainz commented on issue #2260: URL: https://github.com/apache/drill/issues/2260#issuecomment-864019172 Hello there @luocooong , @cgivre - defect not fixed. Please check this line: https://github.com/vdiravka/drill/blob/master/pom.xml#L49 shared guava still refers to guava 28