[ANNOUNCEMENT] Apache Commons IO 2.14.0

2023-09-30 Thread Gary Gregory
The Apache Commons team is pleased to announce the release of Apache Commons IO 2.14.0. Commons IO is a package of Java utility classes like java.io. Classes in this package are considered to be so standard and of such high reuse as to justify existence in java.io. The Apache Commons IO library

[ANNOUNCE] Apache Arrow nanoarrow 0.3.0 Released

2023-09-30 Thread Dewey Dunnington
The Apache Arrow community is pleased to announce the 0.3.0 release of Apache Arrow nanoarrow. This release covers 42 resolved issues from 4 contributors[1]. The release is available now from [2]. Release notes are available at:

CVE-2023-39410: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK

2023-09-30 Thread Ryan Skraba
Severity: low

Affected versions:

- Apache Avro Java SDK before 1.11.3

Description:

When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system. This issue affects Java applications