[jira] [Commented] (OFBIZ-6726) Update commons collections 3.2.1 because of known possible exploit

Nicolas Malin (Jira)

    [ https://issues.apache.org/jira/browse/OFBIZ-6726?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15011915#comment-15011915 ]

Jacques Le Roux commented on OFBIZ-6726:
----------------------------------------

AFAIK, the upgrade should not affect OFBiz users in any way.
Here is some information about the possible exploit:
https://issues.apache.org/jira/browse/OFBIZ-6568?focusedCommentId=14998306
https://issues.apache.org/jira/browse/COLLECTIONS-580 TL;DR: see the comment about COLLECTIONS-580 in http://commons.apache.org/proper/commons-collections/release_3_2_2.html
http://www.ibm.com/developerworks/library/se-lookahead/



> Update commons collections 3.2.1 because of known possible exploit
> ------------------------------------------------------------------
>
>                 Key: OFBIZ-6726
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-6726
>             Project: OFBiz
>          Issue Type: Improvement
>          Components: framework
>    Affects Versions: Release Branch 12.04, Release Branch 13.07, Release Branch 14.12, Trunk
>            Reporter: Jacques Le Roux
>            Assignee: Jacques Le Roux
>             Fix For: 14.12.01, 12.04.06, 13.07.03, Upcoming Branch
>
>
> Done to 3.2.2 at revision:
> trunk 1714571  
> R14.12 1714575
> R13.07 1714576
> R13.04 1714577



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)