Re: [jxpath] reported CVE and path forward

2022-10-15 Thread Mark Thomas
On 11/10/2022 16:25, Mike Drob wrote:
Thanks for this outline, Mark. Some questions in line.
Mike

On Tue, Oct 11, 2022 at 6:13 AM Mark Thomas wrote:
Roman - don't do anything yet.
Commons folk, I suggest the following which is based on how we have oss-fuzz setup on Tomcat.
1. Create a Goog

Re: [MATH][GA] Issues in "commons-math4-ga2" design

2022-10-15 Thread Gilles Sadowski
Hello.

On Sat 15 Oct 2022 at 16:39, Avijit Basak wrote:
> > Hi All
> > Please see my comments below. Kindly share further thoughts.
> >
> > > [...]
> > >I'm not sure what you mean: The examples just run a GA-like algorithm,
> > >but (AFAICT) do not compare the output to some expected outcome.

Re: [MATH][GA] Issues in "commons-math4-ga2" design

2022-10-15 Thread Avijit Basak
Hi All

Please see my comments below. Kindly share further thoughts.

> [...]
>I'm not sure what you mean: The examples just run a GA-like algorithm,
>but (AFAICT) do not compare the output to some expected outcome.

-- I have some code changes in the "examples-ga-math-functions" module to c

Re: Re: [jxpath] reported CVE and path forward

2022-10-15 Thread Gary Gregory
Sure, I can take a look, but it might be a few days or longer. Be aware that jxpath is not as active a component as some of our others. There also might not be original authors left around to evaluate and opine, so we'll have to be careful.

Gary

On Sat, Oct 15, 2022, 07:31 Khaled Yakdan wrote

RE: Re: [jxpath] reported CVE and path forward

2022-10-15 Thread Khaled Yakdan
Hi all,

We have submitted a PR to fix the vulnerability based on an allow list: https://github.com/apache/commons-jxpath/pull/26

With this fix, no classes are allowed by default unless users explicitly specify which classes are allowed using a system property. Are there any volunteers who can hav