DB Intern / DB internal Dear all,
as a happy Apache Velocity user I realised these days that there is a security issue related to the dependency org.apache.commons:commons-lang3:jar:3.17.0 (https://github.com/advisories/GHSA-j288-q9x7-2f5v) in velocity-engine-core. This dependency has already been updated in source control, but not released so far. Is there already a plan, when the next release is going to be performed? Many thanks, Michael P.S.: If this message arrives for the second time this is my fault. I first sent it without subscribing to the list which I then did. However, I could not see my first email in the archive. ________________________________ Pflichtangaben anzeigen<https://www.deutschebahn.com/pflichtangaben/20250901> N?here Informationen zur Datenverarbeitung im DB-Konzern finden Sie hier: https://www.deutschebahn.com/de/konzern/datenschutz
