Fix current CVE in JXLS 3.0.0

[uek06]

Hello,

jxls-poi version 3.0.0 has 2 CVE from dependencies that would be easy to correct :

• org.apache.poi : poi : 5.2.2 => upgrade to 5.2.4
• org.apache.commons : commons-compress : 1.25.0 => upgrade to 1.26.0

Is it possible to release a version 3.0.1 with theses fixes ?

Thanks

[SoltauFintel]

Bonjour

We can not update to POI > 5.2.2 because of the unfixed POI bug 66687.

We could try updating to commons-compress 1.26.2.