Bug#1064146: Update snakeyaml to v2.2 or later
Jérôme Charaoui
jerome at riseup.net
Sat Feb 17 18:16:25 GMT 2024
Package: snakeyaml
Severity: wishlist
Dear maintainer,
Please upgrade snakeyaml to the latest version.
To help prevent remote code execution vulnerabilities, snakeyaml 2.2 and
later disallows global tags by default.
This has prompted a number of projects to migrate to this new release,
Puppet Server and PuppetDB, among others.
Thank you!
-- Jerome
More information about the pkg-java-maintainers
mailing list