Re: Release Critical Security Bug in Bazel Dependency
Looks like the bug is fixed in the latest release of google-oauth-client. Does this mean we just need to upgrade its version in Debian?
Please let me know if I can help with anything!
Debian Bazel Team,
It just came to my attention that there is a Release Critical Security
Bug against the google-oauth-client-java package.  If not fixed
quickly, this will result in the removal of that package as well as its
dependencies (google-api-client-java and bazel-bootstrap). Fixing this
is now my #1 priority. I'll update this list with progress.