[jira] [Commented] (FOP-3051) Upgrade to Commons IO 2.11

Simon Steiner (Jira) Wed, 23 Mar 2022 02:26:04 -0700


    [ 
https://issues.apache.org/jira/browse/FOP-3051?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17511145#comment-17511145
 ]


Simon Steiner commented on FOP-3051:
------------------------------------

You can exclude commons-io from fop in your pom file
<dependency>
    <groupId>xx</groupId>
    <artifactId>xx</artifactId>
    <version>xx</version>
    <exclusions>
        <exclusion>
            <groupId>xx</groupId>
            <artifactId>xx</artifactId>
        </exclusion>
    </exclusions>
</dependency>


> Upgrade to Commons IO 2.11
> --------------------------
>
>                 Key: FOP-3051
>                 URL: https://issues.apache.org/jira/browse/FOP-3051
>             Project: FOP
>          Issue Type: Bug
>            Reporter: PJ Fanning
>            Assignee: Simon Steiner
>            Priority: Major
>             Fix For: trunk
>
>
> [https://mvnrepository.com/artifact/org.apache.xmlgraphics/xmlgraphics-commons/2.7]
> v2.7 depends on a commons-io release that has a CVE
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Commented] (FOP-3051) Upgrade to Commons IO 2.11

Reply via email to