Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Updating dependencies due to security vulnerabilities #21

Open
janvonde opened this issue Apr 2, 2022 · 3 comments
Open

Updating dependencies due to security vulnerabilities #21

janvonde opened this issue Apr 2, 2022 · 3 comments

Comments

@janvonde
Copy link

janvonde commented Apr 2, 2022

Hi,

we are using jgravatar and there is a critical CVE (CVE-2018-10237) for the included guava. Can you update the dependencies and release an updated version to maven central, please? That would be awesome!

Thank you for your help and best wishes from Germany,

Jan :-)

@Grundlefleck helped when I asked about a similar thing in #3 two years ago
@Grundlefleck
Copy link

Hi @janvonde. I'm no longer a member of the tim-group org, and wouldn't be able to publish a new version. Since I'm no longer an active user of jgravatar, I don't intend to keep it up to date.

Good luck!

@janvonde
Copy link
Author

janvonde commented Apr 3, 2022

Thanks for your quick reply @Grundlefleck 😄

@janvonde
Copy link
Author

janvonde commented Apr 3, 2022

Anybody else from tim-group out there that could help us with this?

@araqnid @adamgibbins @waseemtaj @alexconlin @jheister @davidmarkellis @arkangelofkaos

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Grundlefleck @janvonde