Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[m2e-users] Vulnerability problem found in M2E

Hello community.
On the past weeks, a security vulnerability was found in Apache Commons Collections library, particularly on versions 3.x and 4.x. You can see details here
The fix is on its way and tracked under this JIRA
Now, I've been digging this a little bit and found that one M2E plugin is bundling this commons-collections.jar archive, at least on Eclipse Luna. Doing a quick search in the Eclipse installation I found this
Do you have any plans to patch this plugin with the updated library (once available)?

Victor Adrian Sosa Herrera  
Software Engineer - Rational Application Developer  2200 Camino A El Castillo
IBM Master Innovator  El Salto, 45680
Mexico Software Lab  Mexico
Phone: +52-33-3669-7000 x3344   
Mobile: +52-1-33-1529-6494   
e-mail: victorsh@xxxxxxxxxxx   
DeveloperWorks blog   


Back to the top