New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CVE-2022-38752 #737
Comments
Thanks for the heads-up, I'll release an update in the next couple of days. Oh my, #734 was just a couple of days ago. |
@fstab - First of all, I like your git login "fstab", just like the linux command. :-) We're also waiting for the version bump for snakeyaml to 1.32. Have you thought about when it will be released? Thanks for your help and for being patient to impatient folks like me! |
0.17.2 released 🎉. Downloads aren't on https://repo1.maven.org/maven2/io/prometheus/jmx/jmx_prometheus_javaagent/ yet, but I guess it just takes a couple of minutes for Sonatype to sync. |
Ok, repositories are synced now and download links work. Thanks for reporting! |
Thank you @fstab! ... and to @marcchanwork for reporting... probably saved us a few days. |
Hello, I would like to request update for org.yaml:snakeyaml package to 1.32. This will fix CVE-2022-38752 detected in 0.17.1 version. Thanks!
The text was updated successfully, but these errors were encountered: