This is an automated email from the ASF dual-hosted git repository.
ggregory pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/commons-crypto.git
The following commit(s) were added to refs/heads/master by this push:
new 538d129a Add a reference to safe deserlialization
538d129a is described below
commit 538d129a5f6fefb04f248c3009e8cb11cf183aeb
Author: Gary Gregory <[email protected]>
AuthorDate: Thu Mar 19 23:46:34 2026 +0000
Add a reference to safe deserlialization
---
src/site/xdoc/security.xml | 80 ++++++++++++++++++++++++----------------------
1 file changed, 42 insertions(+), 38 deletions(-)
diff --git a/src/site/xdoc/security.xml b/src/site/xdoc/security.xml
index a47d671a..bce15f9e 100644
--- a/src/site/xdoc/security.xml
+++ b/src/site/xdoc/security.xml
@@ -1,45 +1,49 @@
<?xml version="1.0"?>
-<!-- Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file
- distributed with this work for additional information regarding copyright
ownership. The ASF licenses this file to You under
- the Apache License, Version 2.0 (the "License"); you may not use this file
except in compliance with the License. You may
- obtain a copy of the License at
https://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law
or agreed to
- in writing, software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
- ANY KIND, either express or implied. See the License for the specific
language governing permissions and limitations under
- the License. -->
+<!-- Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with this work
for additional
+ information regarding copyright ownership. The ASF licenses this file to You
under the Apache License, Version 2.0 (the "License"); you may not use this
file except
+ in compliance with the License. You may obtain a copy of the License at
https://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law
or agreed to
+ in writing, software distributed under the License is distributed on an "AS
IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied. See
+ the License for the specific language governing permissions and limitations
under the License. -->
<document>
- <properties>
- <title>Apache Commons Crypto Security Reports</title>
- <author email="[email protected]">Commons Team</author>
- </properties>
- <body>
- <section name="Security Vulnerabilities">
- <p>
- For information about reporting or asking questions about
- security, please see the
- <a href="https://commons.apache.org/security.html";>security
page</a>
- of the Apache Commons project.
- </p>
- <p>
- This page lists all security vulnerabilities fixed in released
versions of this component.
- </p>
+ <properties>
+ <title>Apache Commons Crypto Security Reports</title>
+ <author email="[email protected]">Commons Team</author>
+ </properties>
+ <body>
+ <section name="Security Vulnerabilities">
+ <p>
+ For information about reporting or asking questions about
+ security, please see the
+ <a href="https://commons.apache.org/security.html";>security page</a>
+ of the Apache Commons project.
+ </p>
+ <p>
+ This page lists all security vulnerabilities fixed in released
versions of this component.
+ </p>
- <p>
- Please note that binary patches are never provided. If you
need to apply a source code patch, use the
- building instructions for the component version that you are
using.
- </p>
+ <p>
+ Please note that binary patches are never provided. If you need to
apply a source code patch, use the
+ building instructions for the component version that you are using.
+ </p>
- <p>
- If you need help on building this component or other help on
following the instructions to
- mitigate the known vulnerabilities listed here, please send
your questions to the public
- <a href="mail-lists.html">user mailing list</a>.
- </p>
+ <p>
+ If you need help on building this component or other help on following
the instructions to
+ mitigate the known vulnerabilities listed here, please send your
questions to the public
+ <a href="mail-lists.html">user mailing list</a>
+ .
+ </p>
- <p>
- If you have encountered an unlisted security vulnerability or
other unexpected behavior that has security
- impact, or if the descriptions here are incomplete, please
report them privately to the Apache Security
- Team. Thank you.
- </p>
+ <p>
+ If you have encountered an unlisted security vulnerability or other
unexpected behavior that has security
+ impact, or if the descriptions here are incomplete, please report them
privately to the Apache Security
+ Team. Thank you.
+ </p>
- </section>
- </body>
+ </section>
+ <section name="Safe Deserialization">
+ <p>
+ For information about safe deserialization, please see <a
href="https://commons.apache.org/io/description.html#Safe_Deserialization";>Safe
Deserialization</a>.
+ </p>
+ </section>
+ </body>
</document>
