Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-14142

Upgrade Google guava from 25.0-jre to 30.1-jre (addresses CVE-2020-8908)

    XMLWordPrintable

Details

    Description

      Update Google guava to 30.1-jre. Exclude all dependencies but failureaccess 1.0.1 according to Google Guava Important Warnings #3.

      Release Notes
      Release-Diff

      The update is justified due to ForkJoin Security Manager improvement: Issue 3784 Commit

      Attachments

        Issue Links

          is blocked by

          Component Upgrade - A task tracking an update to a bundled component or revision of component upstream of the project. WFCORE-5203 Update Google guava to 30.1-jre

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed
          is cloned by

          Component Upgrade - A task tracking an update to a bundled component or revision of component upstream of the project. JBEAP-20805 (7.3.z) Upgrade guava from 25.0.redhat-1 to 30.1.0.redhat-00001

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Activity

            People

              cfang@redhat.com Cheng Fang
              xf01213 Boris Unckel (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: