Deepesh created COLLECTIONS-581:
-----------------------------------
Summary: Deserialization vulnerability in Apache Commons Collection
Key: COLLECTIONS-581
URL: https://issues.apache.org/jira/browse/COLLECTIONS-581
Project: Commons Collections
Issue Type: Bug
Components: Functor
Affects Versions: 3.2.1, 3.1, 3.0
Reporter: Deepesh
Hi Team,
This is regarding “commons-collections Java library”. In our applications we
are widely using this library and hence looking to urgently patch the fix for
vulnerability issue if it is available.
Searching on internet we found one patch released on Sunday 08th Nov
http://svn.apache.org/viewvc?view=revision&revision=1713307
Just wanted to check with you if there is any updated / complied version of
commons-collections jar available or going to be released soon which we can
directly replace with our existing jar file that provides the fix for the
vulnerability issue.
Thanks in advance!
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
