Hi all, I'm wondering if there are any plans to get another Mavibot release out? It still depends on Commons Collections 3.2.1 (I upgraded it in 2016 - https://github.com/apache/directory-mavibot/commit/5f5fa0f5e9a95be45a004a4d137f9a29a9f7991d#diff-600376dffeb79835ede4a0b285078036), which has a deserialization CVE associated with it. Maybe we could get another release out even if it just contains this fix to avoid bundling a vulnerable library?
Colm. -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
