I just updated in svn trunk the dependency Apache Commons BeanUtils from
1.9.2 to 1.9.3.

My hope is to see the community:

- Release Apache Commons Release Maven Pplugin 1.1 (this one is DONE :-)
- Release Apache Commons Parent 45 (referencing  Apache Commons Release
plugin 1.1)
- Release other Apache Commons components like Validator.


On Wed, Feb 14, 2018 at 2:11 PM, Jon Champlin <jon.champl...@gmail.com>

>  We have an internal product that we use that includes the
> commons-validator package from the central Maven repository and when
> running a third-party library scanner (Black Duck) on the jar file it
> flagged commons-beanutils and commons-collections as having security
> vulnerabilities.  I was wondering if there were plans in the near future to
> release a new version of commons-validator that had the latest version of
> compile dependencies for commons-beanutils, commons-collections and
> commons-digester?

Reply via email to