eli-darkly
commented
2 years ago Thanks. We should be able to put out a patch release shortly.
Closed moeshue closed 2 years ago
eli-darkly
commented
2 years ago Thanks. We should be able to put out a patch release shortly.
eli-darkly
commented
2 years ago Fixed in the 5.10.1 release.
moeshue
commented
2 years ago Fixed in the 5.10.1 release.
Thank you so much!
Is this a support request? This issue tracker is maintained by LaunchDarkly SDK developers and is intended for feedback on the SDK code. If you're not sure whether the problem you are having is specifically related to the SDK, or to the LaunchDarkly service overall, it may be more appropriate to contact the LaunchDarkly support team; they can help to investigate the problem and will consult the SDK team if necessary. You can submit a support request by going here or by emailing support@launchdarkly.com.
Note that issues filed on this issue tracker are publicly accessible. Do not provide any private account information on your issues. If your problem is specific to your account, you should submit a support request as described above.
Describe the bug It's not a bug but just a vulnerability, and we cannot override snakeyaml's version since it's wrapped in the jar
To reproduce https://security.snyk.io/vuln/SNYK-JAVA-ORGYAML-2806360
Expected behavior snakeyaml is upgraded to 1.31
Logs If applicable, add any log output related to your problem.
SDK version latest 5.10.0
Language version, developer tools Java
OS/platform For instance, Ubuntu 16.04, Windows 10, or Android 4.0.3. If your code is running in a browser, please also include the browser type and version.
Additional context Add any other context about the problem here.