Le 12/11/2015 04:39, Phil Steitz a écrit :
> That is frankly ridiculous. To -1 a release based on false positive report
> about files not included in the release is absurd.
I agree with Phil. We are releasing code, not reports.
Emmanuel
---
> On Nov 11, 2015, at 12:05 PM, Gary Gregory wrote:
>
> -1
That is frankly ridiculous. To -1 a release based on false positive report
about files not included in the release is absurd.
Phil
>
> I'm sorry, but the RAT check is still not right.
>
> If you look at the POM:
>
> https://svn.
FYI, I was testing with:
Apache Maven 3.3.9 (bb52d8502b132ec0a5a3f4c09453c07478323dc5;
2015-11-10T08:41:47-08:00)
Maven home: E:\Java\apache-maven-3.3.9\bin\..
Java version: 1.8.0_65, vendor: Oracle Corporation
Java home: C:\Program Files\Java\jdk1.8.0_65\jre
Default locale: en_US, platform encodi
FYI, I was testing with:
On Wed, Nov 11, 2015 at 11:05 AM, Gary Gregory
wrote:
> -1
>
> I'm sorry, but the RAT check is still not right.
>
> If you look at the POM:
>
>
> https://svn.apache.org/repos/asf/commons/proper/collections/tags/COLLECTIONS_3_2_2_RC2/pom.xml
>
> you will see:
>
> src/tes
Hi Thomas,
build works fine with Java 1.6 on Windows 10, artifacts and site look
good. So +1.
Unfortunately, I have currently not the time to dig deeper into the
problematic addressed by this release; so I cannot comment on the fixes.
As I do not have a current project that depends on collections
-1
I'm sorry, but the RAT check is still not right.
If you look at the POM:
https://svn.apache.org/repos/asf/commons/proper/collections/tags/COLLECTIONS_3_2_2_RC2/pom.xml
you will see:
src/test/resources/data/test/*
This folder does not exist.
Which is why I see the following when I build:
Hi all,
in order to provide a work-around for the known remote code exploit via
java de-serialization of malicious InvokerTransformer instances, I would
like to start a vote to release Commons Collections 3.2.2 based on RC2.
Notes:
* the site will not be published, it just serves as a reference
On Nov 11, 2015 1:56 AM, "Thomas Neidhart"
wrote:
>
> On 11/10/2015 11:41 PM, Gary Gregory wrote:
> > On Tue, Nov 10, 2015 at 2:22 PM, Thomas Neidhart <
thomas.neidh...@gmail.com>
> > wrote:
> >
> >> On 11/10/2015 10:52 PM, Gary Gregory wrote:
> >>> Hi all:
> >>>
> >>> -1
> >>>
> >>> Sorry, the RA
On 11/09/2015 11:37 PM, Thomas Neidhart wrote:
> Hi all,
>
> in order to provide a work-around for the known remote code exploit via
> java de-serialization of malicious InvokerTransformer instances, I would
> like to start a vote to release Commons Collections 3.2.2 based on RC1.
>
> I would kin
On 2015-11-09, Thomas Neidhart wrote:
> in order to provide a work-around for the known remote code exploit via
> java de-serialization of malicious InvokerTransformer instances, I would
> like to start a vote to release Commons Collections 3.2.2 based on RC1.
+1
Stefan
I agree that the CSS file does not have an AL header, however it is
only one line so it is at best doubtful that it needs one.
There is little or no evidence of originality / creative expression in
that one line.
The daemon css file on the other hand is longer than the AL header, so
needs the head
On 11/10/2015 11:41 PM, Gary Gregory wrote:
> On Tue, Nov 10, 2015 at 2:22 PM, Thomas Neidhart
> wrote:
>
>> On 11/10/2015 10:52 PM, Gary Gregory wrote:
>>> Hi all:
>>>
>>> -1
>>>
>>> Sorry, the RAT failure needs to be handled one way or another: exclude
>> the
>>> files or add headers:
>>>
>>> U
Hello,
BTW Oracle issued a "Strange" Security alert:
2015-4852 was released on November 10th, 2015.
This vulnerability, which involves the Apache Commons and Oracle WebLogic
Server, has received a CVSS Base Score of 7.5.
...
Bernd
> Am 08.11.2015 um 10:41 schrieb Benedikt Ritter :
>
> Hi,
>
13 matches
Mail list logo
