Bug 63725 - Upgrade commons-compress to 1.19
Summary: Upgrade commons-compress to 1.19
Status: RESOLVED FIXED
Alias: None
Product: POI
Classification: Unclassified
Component: POI Overall (show other bugs)
Version: 4.0.x-dev
Hardware: PC All
: P2 minor (vote)
Target Milestone: ---
Assignee: POI Developers List
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2019-09-04 13:33 UTC by Tilman Hausherr
Modified: 2019-09-04 17:02 UTC (History)
0 users



Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Tilman Hausherr 2019-09-04 13:33:56 UTC
Consider updating commons-compress to 1.19, due to CVE-2019-12402.

The owasp plugin complained when I used poi-ooxml 4.1.0.
Comment 1 PJ Fanning 2019-09-04 17:02:28 UTC
Thanks for reporting this. The update is in trunk and will appear in next release.