search

sbt / sbt-native-packager

sbt Native Packager
https://sbt-native-packager.readthedocs.io/en/stable/
BSD 2-Clause "Simplified" License
1.59k stars 439 forks source link

Bump up commons-compress for security #1516

Closed headiron closed 2 years ago

headiron commented 2 years ago

There is security vulnerability on common-compress 1.20 ( CVE-2021-35515 ) .

Bump up to 1.21

lightbend-cla-validator commented 2 years ago

Hi @headiron,

Thank you for your contribution! We really value the time you've taken to put this together.

Before we proceed with reviewing this pull request, please sign the Lightbend Contributors License Agreement:

https://www.lightbend.com/contribute/cla