Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [cross-project-issues-dev] Alert regarding Apache commons-compress 1.6

independent of this issue, I recently filed CQ 8090 for commons-compress version 1.7


-----Original Message-----
From: cross-project-issues-dev-bounces@xxxxxxxxxxx [mailto:cross-project-issues-dev-bounces@xxxxxxxxxxx] On Behalf Of Thomas Hallgren
Sent: Dienstag, 15. April 2014 16:46
To: Cross project issues
Subject: [cross-project-issues-dev] Alert regarding Apache commons-compress 1.6


I just encountered a really nasty bug in the Apache commons-compress TarAchiveInputStream that makes it silently ignore 
large parts of an archive during unpack. The bug was fixed in version 1.7. Here's the JIRA ticket:

I'm posting this here because in Eclipse Orbit, the 1.6 version seems to be the most recent one. That is the version 
that is affected by this critical bug and really needs to get updated to at least 1.7 or even better, to the latest 
release (1.8 it seems).

- thomas

cross-project-issues-dev mailing list

Back to the top