commons-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Deepesh (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (COLLECTIONS-581) Deserialization and Apache Commons Collection
Date Tue, 10 Nov 2015 10:07:10 GMT

    [ https://issues.apache.org/jira/browse/COLLECTIONS-581?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14998342#comment-14998342
] 

Deepesh commented on COLLECTIONS-581:
-------------------------------------

Thanks Mark, i have dropped an email to 'dev@commons.apache.org' and  'security@apache.org'.
Kindly let me know if this is fine.




> Deserialization and Apache Commons Collection
> ---------------------------------------------
>
>                 Key: COLLECTIONS-581
>                 URL: https://issues.apache.org/jira/browse/COLLECTIONS-581
>             Project: Commons Collections
>          Issue Type: Bug
>          Components: Functor
>    Affects Versions: 3.0, 3.1, 3.2.1
>            Reporter: Deepesh
>            Assignee: Mark Thomas
>              Labels: patch
>
> Hi Team,
> This is regarding “commons-collections Java library”. In our applications we are
widely using this library and hence looking to urgently patch the fix for vulnerability issue
if it is available.
> Searching on internet we found one patch released on Sunday 08th Nov http://svn.apache.org/viewvc?view=revision&revision=1713307
> Just wanted to check with you if there is any updated / complied version of commons-collections
jar available or going to be released soon which we can directly replace with our existing
jar file that provides the fix for the vulnerability issue.
> Thanks in advance!



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message