I notice that commons-beanutils-1.7.0.jar is present. This JAR was removed from GeoServer and replaced with the customised commons-beanutils-1.9.2-noclassprop.jar because it enabled a remote code execution vulnerability.
Also, gt-complex-16-beta-tests.jar is still present. Both these issues were noticed during the 16-M0 release and have not been fixed since. While not a blocker for the beta, we should at least fix the beanutils jar before the 16-RC1 (release candidate) Since these issues have been forgotten since the last release, I will create JIRA tickets for them. Torben On Mon, Sep 19, 2016 at 12:48 PM, Devon Tucker <devonrtuc...@gmail.com> wrote: > Hi all, > > GeoTools 16-beta artifacts are built: > > http://ares.boundlessgeo.com/geotools/release/16-beta/ > > Please test out as you see fit. I'm installing them now. > > Cheers, > Devon > > ------------------------------------------------------------ > ------------------ > > _______________________________________________ > GeoTools-Devel mailing list > GeoTools-Devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/geotools-devel > >
------------------------------------------------------------------------------
_______________________________________________ GeoTools-Devel mailing list GeoTools-Devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/geotools-devel
