Summary: | <dev-java/guava-30.1.1: Multiple vulnerabilities (CVE-2018-10237, CVE-2020-8908) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | IN_PROGRESS --- | ||
Severity: | minor | CC: | java |
Priority: | Normal | Keywords: | PullRequest |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
See Also: |
https://github.com/gentoo/gentoo/pull/21318 https://github.com/gentoo/gentoo/pull/25940 https://bugs.gentoo.org/show_bug.cgi?id=908513 |
||
Whiteboard: | B3 [glsa?] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 809974, 831439, 833309, 833758 | ||
Bug Blocks: |
Description
Sam James
![]() ![]() ![]() ![]() Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=db6f1ad5edce356930cecb857d94a4fd58c7e9ee commit db6f1ad5edce356930cecb857d94a4fd58c7e9ee Author: Jeffrey Lin <jeffrey@icurse.nl> AuthorDate: 2021-06-19 03:58:45 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-01-19 02:36:46 +0000 dev-java/guava: add 30.1.1 Going back to SLOT 0 as upstream claims "APIs without `@Beta` will remain binary-compatible for the indefinite future." [1] [1]: https://github.com/google/guava#important-warnings Bug: https://bugs.gentoo.org/760111 Closes: https://bugs.gentoo.org/809974 Signed-off-by: Jeffrey Lin <jeffrey@icurse.nl> Closes: https://github.com/gentoo/gentoo/pull/21318 Signed-off-by: Sam James <sam@gentoo.org> dev-java/guava/Manifest | 1 + dev-java/guava/guava-30.1.1.ebuild | 58 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 59 insertions(+) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=33275e7369fbcc1bb980d6f5e81d3e91e450a614 commit 33275e7369fbcc1bb980d6f5e81d3e91e450a614 Author: Volkmar W. Pogatzki <gentoo@pogatzki.net> AuthorDate: 2022-06-17 11:43:29 +0000 Commit: Arthur Zamarin <arthurzam@gentoo.org> CommitDate: 2022-06-17 13:50:13 +0000 dev-java/guava: drop 20.0, 20.0-r1 Closes: https://bugs.gentoo.org/833309 Closes: https://bugs.gentoo.org/657692 Bug: https://bugs.gentoo.org/760111 Signed-off-by: Volkmar W. Pogatzki <gentoo@pogatzki.net> Closes: https://github.com/gentoo/gentoo/pull/25940 Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org> dev-java/guava/Manifest | 1 - dev-java/guava/guava-20.0-r1.ebuild | 36 ------------------------------------ dev-java/guava/guava-20.0.ebuild | 36 ------------------------------------ 3 files changed, 73 deletions(-) |