[ https://issues.apache.org/jira/browse/OFBIZ-6726?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15011915#comment-15011915 ]
Jacques Le Roux commented on OFBIZ-6726: ---------------------------------------- AFAIK, the upgrade should not affect OFBiz users in any ways. Here are some information about the possible exploit: https://issues.apache.org/jira/browse/OFBIZ-6568?focusedCommentId=14998306 https://issues.apache.org/jira/browse/COLLECTIONS-580 TL;DR: see the comment about COLLECTIONS-580 in http://commons.apache.org/proper/commons-collections/release_3_2_2.html http://www.ibm.com/developerworks/library/se-lookahead/ > Update commons collections 3.2.1 because of known possible exploit > ------------------------------------------------------------------ > > Key: OFBIZ-6726 > URL: https://issues.apache.org/jira/browse/OFBIZ-6726 > Project: OFBiz > Issue Type: Improvement > Components: framework > Affects Versions: Release Branch 12.04, Release Branch 13.07, Release > Branch 14.12, Trunk > Reporter: Jacques Le Roux > Assignee: Jacques Le Roux > Fix For: 14.12.01, 12.04.06, 13.07.03, Upcoming Branch > > > Done to 3.2.2 at revision: > trunk 1714571 > R14.12 1714575 > R13.07 1714576 > R13.04 1714577 -- This message was sent by Atlassian JIRA (v6.3.4#6332)