Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump guava version 30.0 #1479

Merged
merged 1 commit into from
Dec 15, 2020
Merged

Bump guava version 30.0 #1479

merged 1 commit into from
Dec 15, 2020

Conversation

strehle
Copy link
Member

@strehle strehle commented Dec 14, 2020

because of CVE-2020-8908

found by whitesource scan

@strehle
Bump guava version 30.0
75b8595 
because of CVE-2020-8908

found by whitesource scan
@cf-gitbot
Copy link

We have created an issue in Pivotal Tracker to manage this:

https://www.pivotaltracker.com/story/show/176149547

The labels on this github issue will be updated when the story is started.

@strehle strehle added the dependencies Pull requests that update a dependency file label Dec 14, 2020
@strehle strehle merged commit 2416bcf into develop Dec 15, 2020
@strehle strehle deleted the strehle/fix/cve20208908 branch December 15, 2020 07:25
@cf-gitbot cf-gitbot added delivered accepted Accepted the issue and removed delivered labels Dec 15, 2020
strehle added a commit that referenced this pull request Jan 12, 2021
@strehle
Merge branch 'develop' of github.com:cloudfoundry/uaa into bump/sprin…
e003505 
…g-oauth

* 'develop' of github.com:cloudfoundry/uaa: (32 commits)
  Bump nokogiri from 1.10.8 to 1.11.0 in /uaa/slate (#1489)
  Update UAA image reference in k8s deployment template to cfidentity/uaa@sha256:1f6cbc6a45891ad31c2ff562b1fdc279f13263c88787ea69e275e082c525ead0
  Bump redcarpet from 3.4.0 to 3.5.1 in /uaa/slate (#1488)
  Update UAA image reference in k8s deployment template to cfidentity/uaa@sha256:66f90c70c583f2b105c9616e523777918eed699db86151983dcf4aa7dbc26f32
  Update docs to correct error. [#175985394]
  K8s templates now allow configuring `issuer.uri` (#1487)
  Update externalId on login (#1330)
  Update UAA image reference in k8s deployment template to cfidentity/uaa@sha256:7da4296c9a32a7ae4471d2e2cbb5cbf1405a3100d4722cfaff74779d66d9a410
  Bump k8s.io/client-go from 0.20.0 to 0.20.1 in /k8s
  Bump gopkg.in/yaml.v2 from 2.3.0 to 2.4.0 in /k8s
  Update UAA image reference in k8s deployment template to cfidentity/uaa@sha256:bd0a6e0de975b961dc278209fc8fc75572a0fe933ee1964621373f225ccda014
  Add punctuation to make issue template so good.
  Empty commit to work around Concourse ci complication.
  Bump github.com/onsi/gomega from 1.10.3 to 1.10.4 in /k8s
  Update UAA image reference in k8s deployment template to cfidentity/uaa@sha256:a2fb30a2f2b547853d385739a41b5ea3a41b66181b955b5770438b6616857c49
  Refactor fetch of tokenKeyUrl (#1474)
  write exception message only  (#1469)
  dependency update (#1478)
  Bump guava version 30.0 (#1479)
  Update UAA image reference in k8s deployment template to cfidentity/uaa@sha256:af0b3cdabdaae29ed08e220a94a5c8c34a9b40c7856fea031c68cd0a45972008
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@staylor14 staylor14 Awaiting requested review from staylor14

@thausler786 thausler786 Awaiting requested review from thausler786

Assignees
No one assigned
Labels
accepted Accepted the issue dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@strehle @cf-gitbot