[ https://issues.apache.org/jira/browse/FILEUPLOAD-343?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17741409#comment-17741409 ]
Dennis Kieselhorst commented on FILEUPLOAD-343: ----------------------------------------------- To be resolved, release 1.5 is out for a while. > Update Project Version > ---------------------- > > Key: FILEUPLOAD-343 > URL: https://issues.apache.org/jira/browse/FILEUPLOAD-343 > Project: Commons FileUpload > Issue Type: Wish > Reporter: Gabryel Monteiro > Priority: Minor > > Hello, > > It seems the last released version was released three years ago as 1.4. It > seems to be really sad, as there are further updates in the repository that > are not reflected in this release. > One of those problems would be the fact that the commons-io version in the > version 1.4 is a vulnerable one, that has a CVE. This doesn't happen in the > main repository. > It would be very interesting that you could upload a version 1.5 of the > library in the current state, so other projects could use a more recent > version and be more protected. At the moment I am using the > io.github.openfeign.form:feign-form-spring library and I have to manually > override the commons-io version, so the problem is avoided. -- This message was sent by Atlassian Jira (v8.20.10#820010)