On 2017-03-10 07:39, Julian Reschke wrote:
On 2017-03-10 04:05, Tobias Bocanegra wrote:...[X] -1 Do not release this package because... ...it references unstable releases of Jackrabbit and Oak.
...it also uses commons-collections 3.2.1... (<https://www.cvedetails.com/vulnerability-list/vendor_id-45/product_id-32731/version_id-187982/Apache-Commons-Collections-3.2.1.html>). Should be 3.2.2.
Best regards, Julian
