This is an automated email from the ASF dual-hosted git repository.
ggregory pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/commons-fileupload.git
The following commit(s) were added to refs/heads/master by this push:
new 883f080 Fix spelling
883f080 is described below
commit 883f0801b98eeee959bc9089db348a7d8eddf671
Author: Gary Gregory <garydgreg...@gmail.com>
AuthorDate: Tue Jul 11 09:55:53 2023 -0400
Fix spelling
---
src/site/fml/faq.fml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/site/fml/faq.fml b/src/site/fml/faq.fml
index e369a94..d61dd51 100644
--- a/src/site/fml/faq.fml
+++ b/src/site/fml/faq.fml
@@ -187,7 +187,7 @@ try {
</p>
<p>
It is true, that this class exists, and can be
serialized/deserialized in FileUpload versions, up to, and
- including 1.3.2. It is also true, that a malicious attacker can
abuse this possibility to create abitraryly
+ including 1.3.2. It is also true, that a malicious attacker can
abuse this possibility to create arbitrarily
located files (assuming the required permissions) with arbitrary
contents, if he gets the opportunity to
provide specially crafted data, which is being deserialized by a
Java application, which has either of the
above versions of Commons FileUpload in the classpath, and which
puts no limitations on the classes being
