intuit / fuzzy-matcher

A Java library to determine probability of objects being similar.
Apache License 2.0

upgrade commons-text to a non-vulnerable version #66

Closed knoll-pointer closed 1 year ago

knoll-pointer commented 1 year ago

A new arbitrary code execution vulnerability has been found in commons-text:

org.apache.commons:commons-text:1.9

https://security.snyk.io/package/maven/org.apache.commons:commons-text/1.9

Version 1.10.0 is not vulnerable.

sfgvieira commented 1 year ago

This seems to be already fixed in the current codebase, but there's no release to Maven Central. Any plans for that?

manishobhatia commented 1 year ago

released 1.2.1
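
As an added example (not part of the thread and not fuzzy-matcher's own code), one way to check a pom.xml for the commons-text versions this issue is about. The function names and the sample POM are constructed, only properties defined in the same POM are resolved, and flagging every version below 1.10.0 is an assumption drawn from the issue's statement that 1.9 is affected and 1.10.0 is not.

```python
import re
import xml.etree.ElementTree as ET

TARGET = ("org.apache.commons", "commons-text")
FIXED = (1, 10, 0)  # assumption: flag everything below the version the issue calls not vulnerable

def _local(tag):
    return tag.rsplit("}", 1)[-1]  # strip the '{namespace}' prefix ElementTree adds

def _child(elem, name):
    for c in elem:
        if _local(c.tag) == name:
            return (c.text or "").strip()
    return None

def parse_version(text):
    """Numeric 3-tuple so 1.9 < 1.10.0 (a string compare gets this wrong); qualifiers ignored."""
    m = re.match(r"(\d+)(?:\.(\d+))?(?:\.(\d+))?", text)
    return tuple(int(g or 0) for g in m.groups()) if m else None

def check_pom(pom_xml):
    """Return [(declared_version, status)] for every commons-text dependency entry."""
    root = ET.fromstring(pom_xml)
    props = {_local(p.tag): (p.text or "").strip()
             for e in root if _local(e.tag) == "properties" for p in e}
    results = []
    for dep in root.iter():
        if _local(dep.tag) != "dependency" or \
           (_child(dep, "groupId"), _child(dep, "artifactId")) != TARGET:
            continue
        raw = _child(dep, "version") or ""
        # Resolve ${property} references defined in this POM only.
        resolved = re.sub(r"\$\{([^}]+)\}", lambda m: props.get(m.group(1), m.group(0)), raw)
        ver = parse_version(resolved)
        status = "unknown" if ver is None else "vulnerable" if ver < FIXED else "ok"
        results.append((resolved or None, status))
    return results

# Constructed sample POM (not fuzzy-matcher's real pom.xml).
SAMPLE_POM = """<project xmlns="http://maven.apache.org/POM/4.0.0">
  <properties><commons.text.version>1.9</commons.text.version></properties>
  <dependencies><dependency>
    <groupId>org.apache.commons</groupId><artifactId>commons-text</artifactId>
    <version>${commons.text.version}</version>
  </dependency></dependencies>
</project>"""

if __name__ == "__main__":
    print(check_pom(SAMPLE_POM))
```

An "unknown" status means the version is inherited from a parent POM or BOM, or uses a property this file does not define, and has to be checked against the resolved dependency tree instead.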