The MINA project is pleased to announce the MINA 2.1.15 and 2.0.31 releases.
This is a bug fix release: A fix for CVE-2026-47065 ("Critical
Deserialization Allow-list Bypass via resolveProxyClass") hasn't been
backported to these two version.
Many thanks to **tonghuaroot** who have reported this mistake.
Affected versions:
------------------------
These issues affect **MINA** core versions prior to 2.1.15 and 2.0.31
Mitigation:
--------------
Those who used the versions 2.2.14, 2.0.30 and prior have to upgrade.
--
Regards,
Cordialement,
Emmanuel Lécharny
www.worteks.com
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]