[COLLECTIONS-581] Deserialization and Apache Commons Collection - ASF JIRA

Attach files

Attach Screenshot

Voters

Watch issue

Watchers

Create sub-task

Link

Clone

Update Comment Author

Replace String in Comment

Update Comment Visibility

Delete Comments

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Invalid
Affects Version/s: 3.0, 3.1, 3.2.1
Fix Version/s: None
Component/s: Functor
Labels:
- patch

Flags:

Patch, Important

Description

Hi Team,

This is regarding “commons-collections Java library”. In our applications we are widely using this library and hence looking to urgently patch the fix for vulnerability issue if it is available.
Searching on internet we found one patch released on Sunday 08th Nov http://svn.apache.org/viewvc?view=revision&revision=1713307

Just wanted to check with you if there is any updated / complied version of commons-collections jar available or going to be released soon which we can directly replace with our existing jar file that provides the fix for the vulnerability issue.

Thanks in advance!

Attachments

Activity

Comment

This comment will be Viewable by All Users Viewable by All Users

Cancel

People

Assignee:: Mark Thomas

Reporter:: Deepesh

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 10/Nov/15 09:55

Updated:: 27/Nov/15 21:47

Resolved:: 10/Nov/15 10:00

Agile

View on Board

Deserialization and Apache Commons Collection

Details

Description

Attachments

Attachments

Activity

People

Dates

Agile

Slack

Issue deployment