Release Notes / Version 10.2010
Table Of ContentsSecurity-Update of google-oauth library from 1.19 to 1.31.1
Due to a OWASP security warning the Google OAuth Library com.google.oauth-client:google-oauth-client was updated from V1.19 to the suggested version 1.31.1
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-7692
The transitive relationships of OAuth also made the update of the google-libraries com.google.api-client:google-api-client (1.19 to 1.30.6) and com.google.http-client:google-http-client (1.19 to 1.36.0) necessary.
This update is considered non-breaking but customers relying on these libraries in potential custom extensions should check the corresponding functionality.
(CMS-17896)