GitHub user BruceKuiLiu opened a pull request:
https://github.com/apache/poi/pull/77
Remove the 'public' modifier to make fields package protected.
The two mutable static fields could be changed by malicious code or by
accident. These fields could be made package protected to avoid this
vulnerability.
http://findbugs.sourceforge.net/bugDescriptions.html#MS_PKGPROTECT
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/BruceKuiLiu/poi master5
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/poi/pull/77.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #77
----
commit 7c9cbd532288914ab05fc32686ba7501b667cc0f
Author: Kui LIU <[email protected]>
Date: 2017-10-14T17:59:42Z
Remove the 'public' modifier to make fields package protected.
The two mutable static fields could be changed by malicious code or by
accident. These fields could be made package protected to avoid this
vulnerability.
http://findbugs.sourceforge.net/bugDescriptions.html#MS_PKGPROTECT
----
---
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
