Gradle - v7.6.3
Security
This is a patch release for 7.6. We recommend using 7.6.3 instead of 7.6.
This release addresses two security vulnerabilities:
- Incorrect permission assignment for symlinked files used in copy or archiving operations
- Possible local text file exfiltration by XML External entity injection
It also fixes the following issues:
Upgrade Instructions
Switch your build to use Gradle 7.6.3 by updating your wrapper:
./gradlew wrapper --gradle-version=7.6.3
See the Gradle 7.x upgrade guide to learn about deprecations, breaking changes and other considerations when upgrading to Gradle 7.6.3.
Reporting Problems
If you find a problem with this release, please file a bug on GitHub Issues adhering to our issue guidelines.
If you're not sure you're encountering a bug, please use the forum.
Security
Security wording was detected, but no CVEs were found.
Details
date
Oct. 4, 2023, 9:58 p.m.
name
7.6.3
type
Patch
official page
👇
Register or login to:
- 🔍View and search all Gradle releases.
- 🛠️Create and share lists to track your tools.
- 🚨Setup notifications for major, security, feature or patch updates.
- 🚀Much more coming soon!