[
https://issues.apache.org/jira/browse/WAGON-625?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17716008#comment-17716008
]
Elliotte Rusty Harold commented on WAGON-625:
---------------------------------------------
Not yet it doesn't. Instead it uses plexus-utils code that is actively broken
on some platforms. There's a problem in copying directories through or
containing symlinks. Commons-IO used to have the same problem — there's a lot
of copy pasta floating around this space — but they've recently fixed it, so
replacing plexus-utils with commons-io should repair that issue.
> Upgrade To commons-io 2.11.0
> ----------------------------
>
> Key: WAGON-625
> URL: https://issues.apache.org/jira/browse/WAGON-625
> Project: Maven Wagon
> Issue Type: Dependency upgrade
> Affects Versions: 3.5.1
> Reporter: Ryan Baxter
> Priority: Major
> Attachments: screenshot-1.png
>
>
> commons-io 2.6 is effected by CVE-2021-29425 which is addressed in 2.7
> https://nvd.nist.gov/vuln/detail/CVE-2021-29425
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
