Based on some research by the oparent team, I've updated the Guilin vulnerability recommendations in all of the project tables.
* Spring version: 5.2.7.RELEASE * Jetty-http: 9.4.23.v20200521 * Guava: 29.0-jre * Tomcat-embed-core: 9.0.36 * Bootstrap: 4.5.1 * Jackson-core, jackson-databind: 2.11.0 * Jackson-mapper-asl: replace with jackson-databind 2.11.0 * Webjars jquery: 3.5.1 * Apache.webcomponents httpclient: 4.5.12 Please remember that projects need to provide feedback on their upgrade plans by M1 and complete the upgrades by M2/M3. Best regards, Amy Zwarico, LMTS Chief Security Office / Platform Security AT&T Services (205) 613-1667 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#21344): https://lists.onap.org/g/onap-discuss/message/21344 Mute This Topic: https://lists.onap.org/mt/74898235/21656 Group Owner: [email protected] Unsubscribe: https://lists.onap.org/g/onap-discuss/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
