[prev in list] [next in list] [prev in thread] [next in thread] 

List:       jakarta-commons-user
Subject:    Re: Updating common-beanutils 1.9.2 on common-validator
From:       Gary Gregory <garydgregory () gmail ! com>
Date:       2020-05-27 12:45:15
Message-ID: CACZkXPw6qm-i7JTM2XskaFakwJbkA3jeL-wtGLpz9M8HGrnGyQ () mail ! gmail ! com
[Download RAW message or body]


Hi,

You can update the dependency to common-beanutils 1.9.4 in your own POM or
whatever you use to manage dependencies (Ivy, Gradle, and so on.)

There is no schedule for release Commons Validator at this time, I imagine
it will happen at some undetermined time in the future.

Gary

On Wed, May 27, 2020 at 6:55 AM Debraj Manna <subharaj.manna@gmail.com>
wrote:

> Hi
>
> common-validator 1.6 uses common-beanutils 1.9.2 which has a vulnerability
> as explained in the below link
>
> https://vuldb.com/?id.140386
>
> Is there any plan for updating the common-beanutils to the latest in
> common-validator?
>
> Thanks,
>


[prev in list] [next in list] [prev in thread] [next in thread]