Fgerthoffert opened a new pull request, #719:
URL: https://github.com/apache/unomi/pull/719
Updated to a more recent version of Apache Commons beanutils, to a version
not vulnerable to CVE-2025-48734
Note: We haven't investigated exposure of Unomi to that CVE via beanutils,
this PR is a precaution to make sure the next unomi release does not include a
version of beanutils with a vulnerability.
- [x] Make sure there is a [JIRA
issue](https://issues.apache.org/jira/browse/UNOMI) filed
for the change (usually before you start working on it). Trivial
changes like typos do not
require a JIRA issue. Your pull request should address just this
issue, without pulling in other changes.
- [x] Format the pull request title like `[UNOMI-XXX] - Title of the pull
request`
- [ ] Run `mvn clean install -P integration-tests` to make sure basic
checks pass. A more thorough check will be
performed on your pull request automatically.
- [x] I hereby declare this contribution to be licenced under the [Apache
License Version 2.0, January 2004](http://www.apache.org/licenses/LICENSE-2.0)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: dev-unsubscr...@unomi.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
