[jira] [Commented] (JCLOUDS-1551) Update version of OkHttp
[ https://issues.apache.org/jira/browse/JCLOUDS-1551?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17283573#comment-17283573 ] ASF subversion and git services commented on JCLOUDS-1551: -- Commit 44ff69d144ff4fa0fa980cfba0d2c14fd9175f85 in jclouds's branch refs/heads/master from korlov42 [ https://gitbox.apache.org/repos/asf?p=jclouds.git;h=44ff69d ] JCLOUDS-1551: Update version of OkHttp 3.14.9 > Update version of OkHttp > > > Key: JCLOUDS-1551 > URL: https://issues.apache.org/jira/browse/JCLOUDS-1551 > Project: jclouds > Issue Type: Improvement > Components: jclouds-drivers >Affects Versions: 2.2.1 >Reporter: Konstantin Orlov >Priority: Major > Labels: dependency > Time Spent: 2h 40m > Remaining Estimate: 0h > > Current version of {{OkHttp}} (ver 2.2.0) has [a vulnerability of medium > severity|https://nvd.nist.gov/vuln/detail/CVE-2016-2402]. It would nice to > bump the version to get rid of this vulnerability. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (JCLOUDS-1551) Update version of OkHttp
[ https://issues.apache.org/jira/browse/JCLOUDS-1551?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17210814#comment-17210814 ] Konstantin Orlov commented on JCLOUDS-1551: --- Hi, [~gaul], I've prepared a [PR|https://github.com/apache/jclouds/pull/84]. Please take a look. > Update version of OkHttp > > > Key: JCLOUDS-1551 > URL: https://issues.apache.org/jira/browse/JCLOUDS-1551 > Project: jclouds > Issue Type: Improvement > Components: jclouds-drivers >Affects Versions: 2.2.1 >Reporter: Konstantin Orlov >Priority: Major > Labels: dependency > Time Spent: 10m > Remaining Estimate: 0h > > Current version of {{OkHttp}} (ver 2.2.0) has [a vulnerability of medium > severity|https://nvd.nist.gov/vuln/detail/CVE-2016-2402]. It would nice to > bump the version to get rid of this vulnerability. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (JCLOUDS-1551) Update version of OkHttp
[ https://issues.apache.org/jira/browse/JCLOUDS-1551?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17203851#comment-17203851 ] Andrew Gaul commented on JCLOUDS-1551: -- Unless another maintainer volunteers, I will run another release in a month or two. It would be great if you could contribute a fix for this release! > Update version of OkHttp > > > Key: JCLOUDS-1551 > URL: https://issues.apache.org/jira/browse/JCLOUDS-1551 > Project: jclouds > Issue Type: Improvement > Components: jclouds-drivers >Affects Versions: 2.2.1 >Reporter: Konstantin Orlov >Priority: Major > Labels: dependency > > Current version of {{OkHttp}} (ver 2.2.0) has [a vulnerability of medium > severity|https://nvd.nist.gov/vuln/detail/CVE-2016-2402]. It would nice to > bump the version to get rid of this vulnerability. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (JCLOUDS-1551) Update version of OkHttp
[ https://issues.apache.org/jira/browse/JCLOUDS-1551?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17203152#comment-17203152 ] Konstantin Orlov commented on JCLOUDS-1551: --- Hi, [~gaul]. Unfortunately I have been very busy the last few weeks, but now I have some free time so I plan to start in the next few days (most likely today). BTW when is 2.3.0 expected? > Update version of OkHttp > > > Key: JCLOUDS-1551 > URL: https://issues.apache.org/jira/browse/JCLOUDS-1551 > Project: jclouds > Issue Type: Improvement > Components: jclouds-drivers >Affects Versions: 2.2.1 >Reporter: Konstantin Orlov >Priority: Major > Labels: dependency > > Current version of {{OkHttp}} (ver 2.2.0) has [a vulnerability of medium > severity|https://nvd.nist.gov/vuln/detail/CVE-2016-2402]. It would nice to > bump the version to get rid of this vulnerability. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (JCLOUDS-1551) Update version of OkHttp
[ https://issues.apache.org/jira/browse/JCLOUDS-1551?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17202480#comment-17202480 ] Andrew Gaul commented on JCLOUDS-1551: -- [~korlov] Any progress on this? I would like to include a fix in the upcoming 2.3.0 release. > Update version of OkHttp > > > Key: JCLOUDS-1551 > URL: https://issues.apache.org/jira/browse/JCLOUDS-1551 > Project: jclouds > Issue Type: Improvement > Components: jclouds-drivers >Affects Versions: 2.2.1 >Reporter: Konstantin Orlov >Priority: Major > > Current version of {{OkHttp}} (ver 2.2.0) has [a vulnerability of medium > severity|https://nvd.nist.gov/vuln/detail/CVE-2016-2402]. It would nice to > bump the version to get rid of this vulnerability. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (JCLOUDS-1551) Update version of OkHttp
[ https://issues.apache.org/jira/browse/JCLOUDS-1551?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17194376#comment-17194376 ] Konstantin Orlov commented on JCLOUDS-1551: --- [~gaul] , think I could help with this. > Update version of OkHttp > > > Key: JCLOUDS-1551 > URL: https://issues.apache.org/jira/browse/JCLOUDS-1551 > Project: jclouds > Issue Type: Improvement > Components: jclouds-drivers >Affects Versions: 2.2.1 >Reporter: Konstantin Orlov >Priority: Major > > Current version of {{OkHttp}} (ver 2.2.0) has [a vulnerability of medium > severity|https://nvd.nist.gov/vuln/detail/CVE-2016-2402]. It would nice to > bump the version to get rid of this vulnerability. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (JCLOUDS-1551) Update version of OkHttp
[ https://issues.apache.org/jira/browse/JCLOUDS-1551?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17193556#comment-17193556 ] Andrew Gaul commented on JCLOUDS-1551: -- [~korlov] Upgrading past 2.7.5 requires changing API calls. Is there any chance you could look into this? > Update version of OkHttp > > > Key: JCLOUDS-1551 > URL: https://issues.apache.org/jira/browse/JCLOUDS-1551 > Project: jclouds > Issue Type: Improvement > Components: jclouds-drivers >Affects Versions: 2.2.1 >Reporter: Konstantin Orlov >Priority: Major > > Current version of {{OkHttp}} (ver 2.2.0) has [a vulnerability of medium > severity|https://nvd.nist.gov/vuln/detail/CVE-2016-2402]. It would nice to > bump the version to get rid of this vulnerability. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (JCLOUDS-1551) Update version of OkHttp
[ https://issues.apache.org/jira/browse/JCLOUDS-1551?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17193508#comment-17193508 ] Andrew Gaul commented on JCLOUDS-1551: -- Sigh, I forgot that this PR had a BounceCastle incompatibility that I could not figure out. > Update version of OkHttp > > > Key: JCLOUDS-1551 > URL: https://issues.apache.org/jira/browse/JCLOUDS-1551 > Project: jclouds > Issue Type: Improvement > Components: jclouds-drivers >Affects Versions: 2.2.1 >Reporter: Konstantin Orlov >Priority: Major > > Current version of {{OkHttp}} (ver 2.2.0) has [a vulnerability of medium > severity|https://nvd.nist.gov/vuln/detail/CVE-2016-2402]. It would nice to > bump the version to get rid of this vulnerability. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (JCLOUDS-1551) Update version of OkHttp
[ https://issues.apache.org/jira/browse/JCLOUDS-1551?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17193506#comment-17193506 ] Andrew Gaul commented on JCLOUDS-1551: -- I created https://github.com/apache/jclouds/pull/71 to upgrade OkHttp to 2.7.5. I had hoped that this would address a Java 8 update 1024 bit certificate incompatibility but unfortunately a newer version is required. Unfortunately the OkHttp APIs changed quite a bit so moving to version 3 or 4 is a lot of work. > Update version of OkHttp > > > Key: JCLOUDS-1551 > URL: https://issues.apache.org/jira/browse/JCLOUDS-1551 > Project: jclouds > Issue Type: Improvement > Components: jclouds-drivers >Affects Versions: 2.2.1 >Reporter: Konstantin Orlov >Priority: Major > > Current version of {{OkHttp}} (ver 2.2.0) has [a vulnerability of medium > severity|https://nvd.nist.gov/vuln/detail/CVE-2016-2402]. It would nice to > bump the version to get rid of this vulnerability. -- This message was sent by Atlassian Jira (v8.3.4#803005)