śr., 24 wrz 2025 o 13:59 [email protected] <[email protected]> napisał(a): > > In Standalone artifacts > https://dist.apache.org/repos/dist/dev/struts/7.1.0/ there are > > * commons-logging-1.3.4 > * commons-io-2.18.0 (CVE-2025-48924) > > > Maybe we should use > > * commons-logging-1.3.5 > * commons-io-2.20.0
This is strange, Dependabot didn't report these vulnerable libraries - I will update them. Regards Łukasz --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
