Return-Path: 
 <issues-return-51456-apmail-commons-issues-archive=commons.apache.org@commons.apache.org>
X-Original-To: apmail-commons-issues-archive@minotaur.apache.org
Delivered-To: apmail-commons-issues-archive@minotaur.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 99A4218A77
	for <apmail-commons-issues-archive@minotaur.apache.org>;
 Thu, 26 Nov 2015 16:42:11 +0000 (UTC)
Received: (qmail 80388 invoked by uid 500); 26 Nov 2015 16:42:11 -0000
Delivered-To: apmail-commons-issues-archive@commons.apache.org
Received: (qmail 80265 invoked by uid 500); 26 Nov 2015 16:42:11 -0000
Mailing-List: contact issues-help@commons.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:issues-help@commons.apache.org>
List-Unsubscribe: <mailto:issues-unsubscribe@commons.apache.org>
List-Post: <mailto:issues@commons.apache.org>
List-Id: <issues.commons.apache.org>
Reply-To: issues@commons.apache.org
Delivered-To: mailing list issues@commons.apache.org
Received: (qmail 80247 invoked by uid 99); 26 Nov 2015 16:42:11 -0000
Received: from arcas.apache.org (HELO arcas) (140.211.11.28)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 26 Nov 2015 16:42:11 +0000
Received: from arcas.apache.org (localhost [127.0.0.1])
	by arcas (Postfix) with ESMTP id 038D72C1F5B
	for <issues@commons.apache.org>; Thu, 26 Nov 2015 16:42:11 +0000 (UTC)
Date: Thu, 26 Nov 2015 16:42:11 +0000 (UTC)
From: "Sebb (JIRA)" <jira@apache.org>
To: issues@commons.apache.org
Message-ID: <JIRA.12767738.1421333593000.204717.1448556131011@Atlassian.JIRA>
In-Reply-To: <JIRA.12767738.1421333593000@Atlassian.JIRA>
References: <JIRA.12767738.1421333593000@Atlassian.JIRA>
 <JIRA.12767738.1421333593419@arcas>
Subject: [jira] [Updated] (VALIDATOR-357) Upgrade BeanUtils
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394


     [ https://issues.apache.org/jira/browse/VALIDATOR-357?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Sebb updated VALIDATOR-357:
---------------------------
    Fix Version/s:     (was: 1.5.0)

> Upgrade BeanUtils
> -----------------
>
>                 Key: VALIDATOR-357
>                 URL: https://issues.apache.org/jira/browse/VALIDATOR-357
>             Project: Commons Validator
>          Issue Type: New Feature
>          Components: Framework
>    Affects Versions: 1.1.3 Release, 1.2.0 Release, 1.3.0 Release, 1.3.1 Release, 1.4.0 Release, 1.4.1 Release
>            Reporter: David Dillard
>            Priority: Minor
>
> Validator 1.41 depends on BeanUtils 1.8.3.  This has a "potential security issue", see http://commons.apache.org/proper/commons-beanutils/javadocs/v1.9.2/RELEASE-NOTES.txt  Also, see http://www.cvedetails.com/cve-details.php?t=1&cve_id=cve-2014-0114
> Even if this issue doesn't affect Validator, BeanUtils should be upgraded so that issue issue doesn't affect other users of BeanUtils given the screwy way some builders (e.g. Maven) resolve conflicting dependencies.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)