Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > linux.debian.maint.java > #12206
| From | Yun Peng <pcloudy@google.com> |
|---|---|
| Newsgroups | linux.debian.maint.java |
| Subject | Re: Release Critical Security Bug in Bazel Dependency |
| Date | 2021-05-31 10:40 +0200 |
| Message-ID | <CkLCO-BQ-5@gated-at.bofh.it> (permalink) |
| References | <CkwDL-8rs-3@gated-at.bofh.it> |
| Organization | linux.* mail to news gateway |
[Multipart message — attachments visible in raw view] - view raw
Thanks, Olek! Looks like the bug is fixed in the latest release of google-oauth-client. Does this mean we just need to upgrade its version in Debian? Please let me know if I can help with anything! On Sun, May 30, 2021 at 6:32 PM Olek Wojnar <olek@debian.org> wrote: > Debian Bazel Team, > > It just came to my attention that there is a Release Critical Security > Bug against the google-oauth-client-java package. [1] If not fixed > quickly, this will result in the removal of that package as well as its > dependencies (google-api-client-java and bazel-bootstrap). Fixing this > is now my #1 priority. I'll update this list with progress. > > > -Olek > > [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988944 > >
Back to linux.debian.maint.java | Previous | Next — Previous in thread | Find similar
Release Critical Security Bug in Bazel Dependency Olek Wojnar <olek@debian.org> - 2021-05-30 18:40 +0200 Re: Release Critical Security Bug in Bazel Dependency Yun Peng <pcloudy@google.com> - 2021-05-31 10:40 +0200
csiph-web