okio icon indicating copy to clipboard operation
okio copied to clipboard
verified publisher icon square

Add Kotlin 1.4.21 to v2.10.x to resolve security vulnerability

Open Boojapho opened this issue 4 years ago • 0 comments

Okio 2.10.0 is currently using Kotlin 1.4.20. This version of Kotlin has a security vulnerability: https://nvd.nist.gov/vuln/detail/CVE-2020-29582, which was fixed in 1.4.21.

Update the dependency to 1.4.21 and release a security patch as 2.10.1 of Okio

Version 3.x of Okio is already using a newer version.

Boojapho avatar Aug 19 '21 18:08 Boojapho