[ https://issues.apache.org/jira/browse/OFBIZ-6726?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15031661#comment-15031661 ]
Jacques Le Roux commented on OFBIZ-6726: ---------------------------------------- Maybe we should udate to 4.1 http://markmail.org/message/nh6csf4fun5n6e23 but that needs to be checked. I mean it's maybe not as easy as changing the lib and the 2 OOTB imports (from "org.apache.commons.collections to "org.apache.commons.collections4)... > Update commons collections to 3.2.2 because of known possible exploit > --------------------------------------------------------------------- > > Key: OFBIZ-6726 > URL: https://issues.apache.org/jira/browse/OFBIZ-6726 > Project: OFBiz > Issue Type: Sub-task > Components: framework > Affects Versions: Release Branch 12.04, Release Branch 13.07, Release > Branch 14.12, Trunk > Reporter: Jacques Le Roux > Assignee: Jacques Le Roux > Fix For: 14.12.01, 12.04.06, 13.07.03, Upcoming Branch > > > Done to 3.2.2 at revision: > trunk 1714571 > R14.12 1714575 > R13.07 1714576 > R13.04 1714577 -- This message was sent by Atlassian JIRA (v6.3.4#6332)