You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Operating System (Ubuntu 15.10 / MacOS 10.10 / Windows 10)
all
JDK (Oracle 1.8.0_72, OpenJDK 1.8.x, Azul Zing)
1.8.0_192
Library Dependencies
com.google.guava:guava
Expected Behavior
The current version of com.google.guava:guava (23.6.1-jre) that is being used by playframework 2.6.21 contains a security vulnerability. See https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-32236 for details. I see that this library has been updated in 2.7.0-RC9 but would it be possible to apply the same update to a stable release for use in production?
The text was updated successfully, but these errors were encountered:
Play Version (2.5.x / etc)
2.6.x
API (Scala / Java / Neither / Both)
Scala
Operating System (Ubuntu 15.10 / MacOS 10.10 / Windows 10)
all
JDK (Oracle 1.8.0_72, OpenJDK 1.8.x, Azul Zing)
1.8.0_192
Library Dependencies
com.google.guava:guava
Expected Behavior
The current version of
com.google.guava:guava
(23.6.1-jre) that is being used by playframework 2.6.21 contains a security vulnerability. See https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-32236 for details. I see that this library has been updated in 2.7.0-RC9 but would it be possible to apply the same update to a stable release for use in production?The text was updated successfully, but these errors were encountered: