[ https://issues.apache.org/jira/browse/CONNECTORS-1565?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16749629#comment-16749629 ]
Markus Schuch commented on CONNECTORS-1565: ------------------------------------------- Ran MCF with this library version for some time now and no errors were encountered. [~kwri...@metacarta.com] what about the failing precommit task? is this a known issue? > Upgrade commons-collections to 3.2.2 (CVE-2015-6420) > ---------------------------------------------------- > > Key: CONNECTORS-1565 > URL: https://issues.apache.org/jira/browse/CONNECTORS-1565 > Project: ManifoldCF > Issue Type: Bug > Components: Framework core > Affects Versions: ManifoldCF 2.12 > Reporter: Markus Schuch > Assignee: Markus Schuch > Priority: Critical > Fix For: ManifoldCF next > > Attachments: CONNECTORS-1565.patch > > > We should upgrade commons-collections to 3.2.2 due to a known security issue > with 3.2.1 > https://commons.apache.org/proper/commons-collections/security-reports.html > Further reading: > [http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-andyour-application-have-in-common-this-vulnerability/] > [https://www.cvedetails.com/cve/CVE-2015-6420/] -- This message was sent by Atlassian JIRA (v7.6.3#76005)