On 11/13/2015 12:31 AM, Thomas Neidhart wrote:
> Hi all,
[snip]
> Considering that this is a security related release and that RC2 did not
> show any functional problems with the release, I plan to close this vote
> in 24h from now, i.e. after 0100 GMT 14-November 2015
Here is a tally of the
Thx Thomas.
The fix for the Java serialization vulnerability is on the way.
Now should we add some information on
http://commons.apache.org/security.html like Commons Compress did?
-- Uwe
On November 14, 2015 10:59:52 AM Thomas Neidhart
wrote:
On 11/13/2015
On 11/14/2015 04:20 PM, Uwe Barthel wrote:
> Thx Thomas.
>
> The fix for the Java serialization vulnerability is on the way.
> Now should we add some information on
> http://commons.apache.org/security.html like Commons Compress did?
yes, we will do something similar.
Thomas
Le 13/11/2015 00:31, Thomas Neidhart a écrit :
> Hi all,
>
> in order to provide a work-around for the known remote code exploit via
> java de-serialization of malicious InvokerTransformer instances, I would
> like to start a vote to release Commons Collections 3.2.2 based on
+1
Builds fine now with my compiler zoo.
Thomas Neidhart wrote:
> Hi all,
>
> in order to provide a work-around for the known remote code exploit via
> java de-serialization of malicious InvokerTransformer instances, I would
> like to start a vote to release Commons Collecti
Hi all,
>
> in order to provide a work-around for the known remote code exploit via
> java de-serialization of malicious InvokerTransformer instances, I would
> like to start a vote to release Commons Collections 3.2.2 based on RC3.
>
> Notes:
>
> * the site will not be published
Hi all,
>>
>> in order to provide a work-around for the known remote code exploit via
>> java de-serialization of malicious InvokerTransformer instances, I would
>> like to start a vote to release Commons Collections 3.2.2 based on RC3.
>>
>> Notes:
>&
: "windows"
> >
> > and:
> >
> > Apache Ant(TM) version 1.9.6 compiled on June 29 2015
> >
> > Gary
> >
> > On Thu, Nov 12, 2015 at 3:31 PM, Thomas Neidhart <
> thomas.neidh...@gmail.com>
> > wrote:
> >
> >> Hi
On 2015-11-13, Thomas Neidhart wrote:
> Please review the release candidate and vote.
+1
Stefan
-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
ovide a work-around for the known remote code exploit via
>> java de-serialization of malicious InvokerTransformer instances, I would
>> like to start a vote to release Commons Collections 3.2.2 based on RC3.
>>
>> Notes:
>>
>> * the site will not be publis
Hi all,
in order to provide a work-around for the known remote code exploit via
java de-serialization of malicious InvokerTransformer instances, I would
like to start a vote to release Commons Collections 3.2.2 based on RC3.
Notes:
* the site will not be published, it just serves
11 matches
Mail list logo