jclouds-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrew Gaul (Jira)" <j...@apache.org>
Subject [jira] [Commented] (JCLOUDS-1551) Update version of OkHttp
Date Thu, 10 Sep 2020 10:01:00 GMT

    [ https://issues.apache.org/jira/browse/JCLOUDS-1551?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17193506#comment-17193506
] 

Andrew Gaul commented on JCLOUDS-1551:
--------------------------------------

I created https://github.com/apache/jclouds/pull/71 to upgrade OkHttp to 2.7.5.  I had hoped
that this would address a Java 8 update 1024 bit certificate incompatibility but unfortunately
a newer version is required.  Unfortunately the OkHttp APIs changed quite a bit so moving
to version 3 or 4 is a lot of work.

> Update version of OkHttp
> ------------------------
>
>                 Key: JCLOUDS-1551
>                 URL: https://issues.apache.org/jira/browse/JCLOUDS-1551
>             Project: jclouds
>          Issue Type: Improvement
>          Components: jclouds-drivers
>    Affects Versions: 2.2.1
>            Reporter: Konstantin Orlov
>            Priority: Major
>
> Current version of {{OkHttp}} (ver 2.2.0) has [a vulnerability of medium severity|https://nvd.nist.gov/vuln/detail/CVE-2016-2402].
It would nice to bump the version to get rid of this vulnerability.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Mime
View raw message