Good Afternoon. We at Fiserv use Apache commons libraries in our web applications. I am just curious to know when is Apache planning to release a stable version of BeanUtils2. This is because we are still using BeanUtils which in turn has a dependency on Apache Commons 3.2.2
A recent vulnerability discovered in Apache Commons 3.2.2 requires us to upgrade this version, which means a new version of BeanUtils that uses Apache Commons 4 Appreciate your feedback/response. * There is a resolution<https://issues.apache.org/jira/browse/COLLECTIONS-701> to the vulnerability<https://issues.apache.org/jira/browse/COLLECTIONS-701> available in commons-collections (4.3<https://issues.apache.org/jira/issues/?jql=project+%3D+COLLECTIONS+AND+fixVersion+%3D+4.3>). Regards Vinay
