HI Colleagues , Any updates you may have would be greatly appreciated.
Best Regards Randeep From: Singh, Randeep Sent: May 27, 2021 7:45 pm To: user@commons.apache.org Subject: Security issue in commons-fileup.load version 1.4 . HI All, This is regarding one of security issue that is reported in our component which is coming from commons-io (2.2) lib transitive dependency via commons-fileupload . It seems this is fixed in commons-io (2.7) or above, Hence would it be possible to bump version of commons-io to 2.8 or 2.9 and release a patch . I can see that it has been already done with this commit https://github.com/apache/commons-fileupload/commit/8370f1e0a15a0469d04579e2abd5500ebf90b8c8/ may I know by when we can expect a release of 2.0 ? in case patch is not possible . Best Regards Randeep