[
https://issues.apache.org/jira/browse/FILEUPLOAD-279?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15666372#comment-15666372
]
Mark Thomas commented on FILEUPLOAD-279:
-1 to back-porting since it breaks backwards
[
https://issues.apache.org/jira/browse/FILEUPLOAD-279?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Chris Seieroe updated FILEUPLOAD-279:
-
Attachment: fix2.patch
I reapplied the fixes on a clean copy, and the patch looks a
[
https://issues.apache.org/jira/browse/FILEUPLOAD-279?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Chris Seieroe updated FILEUPLOAD-279:
-
Attachment: (was:
[
https://issues.apache.org/jira/browse/FILEUPLOAD-279?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15665795#comment-15665795
]
Chris Seieroe commented on FILEUPLOAD-279:
--
Looking back at the patch, it's a lot larger than
[
https://issues.apache.org/jira/browse/FILEUPLOAD-279?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Chris Seieroe updated FILEUPLOAD-279:
-
Attachment: 0001-Fix-CVE-2016-131-by-making-DiskFileItem-not-Seri.patch
First
[
https://issues.apache.org/jira/browse/FILEUPLOAD-279?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15665725#comment-15665725
]
Gary Gregory commented on FILEUPLOAD-279:
-
Patches welcome!
> CVE-2016-131 - Apache
[
https://issues.apache.org/jira/browse/FILEUPLOAD-279?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15665692#comment-15665692
]
Chris Seieroe edited comment on FILEUPLOAD-279 at 11/15/16 1:40 AM:
[
https://issues.apache.org/jira/browse/FILEUPLOAD-279?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15665692#comment-15665692
]
Chris Seieroe commented on FILEUPLOAD-279:
--
I noticed that in the main branch, back in May,
[
https://issues.apache.org/jira/browse/TEXT-23?focusedWorklogId=32044=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-32044
]
Rob Tompkins logged work on TEXT-23:
Author: Rob Tompkins
Created on:
[
https://issues.apache.org/jira/browse/TEXT-23?focusedWorklogId=32045=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-32045
]
Rob Tompkins logged work on TEXT-23:
Author: Rob Tompkins
Created on:
[
https://issues.apache.org/jira/browse/TEXT-23?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Rob Tompkins resolved TEXT-23.
--
Resolution: Implemented
> Move text related code from commons-lang into commons-text
>
[
https://issues.apache.org/jira/browse/TEXT-23?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15664913#comment-15664913
]
Rob Tompkins commented on TEXT-23:
--
Resolved by: https://github.com/apache/commons-text/pull/8
> Move text
Daniel Temme created IO-522:
---
Summary: Symbolic links get followed in deleteQuietly
Key: IO-522
URL: https://issues.apache.org/jira/browse/IO-522
Project: Commons IO
Issue Type: Bug
[
https://issues.apache.org/jira/browse/FILEUPLOAD-279?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Michiel Weggen updated FILEUPLOAD-279:
--
Description:
http://www.tenable.com/security/research/tra-2016-12
Summary
There
Michiel Weggen created FILEUPLOAD-279:
-
Summary: CVE-2016-131 - Apache Commons FileUpload DiskFileItem
File Manipulation Remote Code Execution
Key: FILEUPLOAD-279
URL:
[
https://issues.apache.org/jira/browse/POOL-315?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15663312#comment-15663312
]
Mark Thomas commented on POOL-315:
--
Thanks for the review. Patch applied.
> GenericObjectPool close() does
[
https://issues.apache.org/jira/browse/CRYPTO-129?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15663091#comment-15663091
]
Jianguo Tian commented on CRYPTO-129:
-
I have fixed this jira with the first step and I have [pull
17 matches
Mail list logo