Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Upgrade commons-net to 3.9.0 to address CVE-2021-37533 #241

Merged
merged 1 commit into from
Sep 3, 2023

Conversation

wborn
Copy link
Contributor

@wborn wborn commented Sep 3, 2023

This newer version addresses CVE-2021-37533 which prevents issues for users who use this older version as a transitive nrjavaserial dependency.

For release notes, see:

https://commons.apache.org/proper/commons-net/changes-report.html

Fixes #237

This newer version addresses CVE-2021-37533 which prevents issues for users who use this older version as a transitive nrjavaserial dependency.

For release notes, see:

https://commons.apache.org/proper/commons-net/changes-report.html

Fixes NeuronRobotics#237
@MrDOS MrDOS merged commit 0df8b60 into NeuronRobotics:master Sep 3, 2023
0 of 3 checks passed
@MrDOS
Copy link
Contributor

MrDOS commented Sep 3, 2023

Thanks for the reminder 🙂

@wborn
Copy link
Contributor Author

wborn commented Sep 3, 2023

Thank you for the quick merge and excellent work on fixing the build issues and efforts for adding Apple Silicon support. 🙂

@wborn wborn deleted the upgrade-commons-net branch September 3, 2023 08:37
@sblantipodi
Copy link

are there any plan for a new release?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Provides transitive vulnerable dependency maven:commons-net:commons-net:3.3
3 participants