Hello, I'm a user of ModeShape, a Java Content Repository implementation. In the latest release, developers of ModeShape have disabled POI integration due to a security vulnerability<https://issues.jboss.org/browse/MODE-1934> . Thanks to the quick response from you guys, the issue is now fixed in the trunk <https://issues.apache.org/bugzilla/show_bug.cgi?id=54682>. Would you consider releasing an intermediary 3.9.1-like version of the * poi-scratchpad* artifact, which would include (at least) this fix? The build architecture of ModeShape requires to have artifacts in Maven, so they can't roll out their own POI packages.
Thanks a lot! -- Damiano Albani
