Open QiAnXinCodeSafe opened 3 years ago
The genconvert project runs offline in a controlled environment. Previously when I've tried upgrading Guava, there have been backwards-incompatible changes, particularly with the required Java version. I don't want to mess with genconvert unnecessarily, but next time someone tries running the tool, thet can consider bumping the Guava version.
https://github.com/google/myanmar-tools/blob/adc4db24df0d77abe0b84536892f14d00151eb0c/genconvert/pom.xml#L30
CVE-2020-8908 Recommended upgrade version: 30.0-jre