We use 1.3.1 version.
Every time we call auth.resetPassword(email, connection).execute() we afterwards get warning and stack trace in logs:

[warn] o.OkHttpClient - A connection to https://tenant.auth0.com/ was leaked. Did you forget to close a response body?
java.lang.Throwable: response.body().close()
at okhttp3.internal.platform.Platform.getStackTraceForCloseable(Platform.java:143)
at okhttp3.RealCall.captureCallStackTrace(RealCall.java:78)
at okhttp3.RealCall.execute(RealCall.java:66)
at com.auth0.net.BaseRequest.execute(BaseRequest.java:32)
at com.myapp.Wrapper.changePassword(Wrapper.java)

Seems like it is caused by https://github.com/auth0/auth0-java/blob/master/src/main/java/com/auth0/net/VoidRequest.java - when the response is successful, it won't be processed at all, but it should be closed to avoid the issue.