Upgrade com.squareup.okhttp3:okhttp libraries to >= 4.9.2 due to critical security vulnerability

[anbangz]

Description of vulnerability here: square/okhttp#6738

Snyk vulnerability here: https://security.snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044

I believe the

• com.squareup.okhttp3:logging-interceptor
• com.squareup.okhttp3:okhttp-urlconnection:3.12.12
• com.squareup.retrofit2:retrofit:2.6.4

libraries will also have to be upgraded, as they take transitive dependencies on com.squareup.okhttp3:okhttp:3.12.12

[kpytlar]

Checking in here - any plans to mitigate this vulnerability?

[weidongxu-microsoft]

Almost all client lib that depends on autorest-clientruntime-for-java was deprecated.

If you still use these libs (usually namespace with "com.microsoft.azure.", please consider migrate to new client lib ("com.azure.").