[RESULT][VOTE] Release Commons Collections 3.2.2 Based on RC3

On 11/13/2015 12:31 AM, Thomas Neidhart wrote: > Hi all, [snip] > Considering that this is a security related release and that RC2 did not > show any functional problems with the release, I plan to close this vote > in 24h from now, i.e. after 0100 GMT 14-November 2015 Here is a tally of the

Re: [RESULT][VOTE] Release Commons Collections 3.2.2 Based on RC3

Thx Thomas. The fix for the Java serialization vulnerability is on the way. Now should we add some information on http://commons.apache.org/security.html like Commons Compress did? -- Uwe On November 14, 2015 10:59:52 AM Thomas Neidhart wrote: On 11/13/2015

Re: [RESULT][VOTE] Release Commons Collections 3.2.2 Based on RC3

On 11/14/2015 04:20 PM, Uwe Barthel wrote: > Thx Thomas. > > The fix for the Java serialization vulnerability is on the way. > Now should we add some information on > http://commons.apache.org/security.html like Commons Compress did? yes, we will do something similar. Thomas

Re: [VOTE] Release Commons Collections 3.2.2 Based on RC3

Le 13/11/2015 00:31, Thomas Neidhart a écrit : > Hi all, > > in order to provide a work-around for the known remote code exploit via > java de-serialization of malicious InvokerTransformer instances, I would > like to start a vote to release Commons Collections 3.2.2 based on

Re: [VOTE] Release Commons Collections 3.2.2 Based on RC3

+1 Builds fine now with my compiler zoo. Thomas Neidhart wrote: > Hi all, > > in order to provide a work-around for the known remote code exploit via > java de-serialization of malicious InvokerTransformer instances, I would > like to start a vote to release Commons Collecti

Re: [VOTE] Release Commons Collections 3.2.2 Based on RC3

Hi all, > > in order to provide a work-around for the known remote code exploit via > java de-serialization of malicious InvokerTransformer instances, I would > like to start a vote to release Commons Collections 3.2.2 based on RC3. > > Notes: > > * the site will not be published

Re: [VOTE] Release Commons Collections 3.2.2 Based on RC3

Hi all, >> >> in order to provide a work-around for the known remote code exploit via >> java de-serialization of malicious InvokerTransformer instances, I would >> like to start a vote to release Commons Collections 3.2.2 based on RC3. >> >> Notes: >&

Re: [VOTE] Release Commons Collections 3.2.2 Based on RC3

: "windows" > > > > and: > > > > Apache Ant(TM) version 1.9.6 compiled on June 29 2015 > > > > Gary > > > > On Thu, Nov 12, 2015 at 3:31 PM, Thomas Neidhart < > thomas.neidh...@gmail.com> > > wrote: > > > >> Hi

Re: [VOTE] Release Commons Collections 3.2.2 Based on RC3

On 2015-11-13, Thomas Neidhart wrote: > Please review the release candidate and vote. +1 Stefan - To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org

Re: [VOTE] Release Commons Collections 3.2.2 Based on RC3

ovide a work-around for the known remote code exploit via >> java de-serialization of malicious InvokerTransformer instances, I would >> like to start a vote to release Commons Collections 3.2.2 based on RC3. >> >> Notes: >> >> * the site will not be publis

[VOTE] Release Commons Collections 3.2.2 Based on RC3

Hi all, in order to provide a work-around for the known remote code exploit via java de-serialization of malicious InvokerTransformer instances, I would like to start a vote to release Commons Collections 3.2.2 based on RC3. Notes: * the site will not be published, it just serves