use commons-collections v3.2.2 to avoid v3.2.1 vulnerability

iipc / webarchive-commons

Common web archive utility code.

Apache License 2.0

50 stars 72 forks source link

use commons-collections v3.2.2 to avoid v3.2.1 vulnerability #77

Closed ndushay closed 7 years ago

ndushay commented 7 years ago

resolves #76

Dunno if it would make sense to up the version of it.unimi.dsi instead, or if that would fix the vulnerability ... but do know that this should address the problems with minimal, if any, side effects.

ldko commented 7 years ago

Regarding possibly upping the version of it.unimi.dsi, I think even the most recent version is still using a version of commons-collections under 3.2.2

ldko commented 7 years ago

Thanks @ndushay