subject:"Bug#988944\: CVE\-2020\-7692"

Bug#988944: CVE-2020-7692

2021-05-30 Thread Olek Wojnar

Control: tag -1 + confirmed

Thanks for the bug report, Moritz!

Sorry for the delay, apparently I was not receiving emails about the
google-oauth-client-java package. I will work to get this fixed today.

-Olek



OpenPGP_signature
Description: OpenPGP digital signature

Bug#988944: CVE-2020-7692

2021-05-21 Thread Moritz Muehlenhoff

Source: google-oauth-client-java
Severity: grave
Tags: security
X-Debbugs-Cc: Debian Security Team 

CVE-2020-7692:
https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-575276
https://github.com/googleapis/google-oauth-java-client/issues/469
https://github.com/googleapis/google-oauth-java-client/commit/13433cd7dd06267fc261f0b1d4764f8e3432c824

Cheers,
 Moritz