Uploaded image for project: 'Bitbucket Data Center'
  1. Bitbucket Data Center
  2. BSERV-8193

Update Apache Commons Collections to v3.2.2

XMLWordPrintable

    • Icon: Suggestion Suggestion
    • Resolution: Fixed
    • 3.11.6, 4.0.6, 4.1.3, 4.2.0
    • None
    • None
    • We collect Bitbucket feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      The dependency on Apache Commons Collections should be upgraded to v.3.2.2 to incorporate the fix for: COLLECTIONS-580 - Arbitrary remote code execution with InvokerTransformer

      There is no known exploit for this vulnerability in Bitbucket Server or Bitbucket Data Centre, however this library should be upgraded regardless.

            [BSERV-8193] Update Apache Commons Collections to v3.2.2

            Katherine Yabut made changes -
            Workflow Original: JAC Suggestion Workflow [ 3397932 ] New: JAC Suggestion Workflow 3 [ 3622674 ]
            Status Original: RESOLVED [ 5 ] New: Closed [ 6 ]
            Monique Khairuliana (Inactive) made changes -
            Workflow Original: BSERV Suggestions Workflow [ 3391744 ] New: JAC Suggestion Workflow [ 3397932 ]
            Monique Khairuliana (Inactive) made changes -
            Workflow Original: Stash Workflow - Restricted [ 1448150 ] New: BSERV Suggestions Workflow [ 3391744 ]
            Issue Type Original: Development Task [ 12 ] New: Suggestion [ 10000 ]
            Priority Original: Medium [ 3 ]
            Status Original: Closed [ 6 ] New: Resolved [ 5 ]
            Owen made changes -
            Workflow Original: Stash Workflow [ 1028591 ] New: Stash Workflow - Restricted [ 1448150 ]
            Lucy made changes -
            Fix Version/s New: 3.11.6 [ 60411 ]
            Fix Version/s Original: 3.11.5 [ 56597 ]
            Nick made changes -
            Link New: This issue is duplicated by BSERV-8202 [ BSERV-8202 ]
            Ben Humphreys made changes -
            Resolution New: Fixed [ 1 ]
            Status Original: Open [ 1 ] New: Closed [ 6 ]
            Ben Humphreys made changes -
            Resolution Original: Done [ 17 ]
            Status Original: Closed [ 6 ] New: Open [ 1 ]
            Ben Humphreys made changes -
            Link New: This issue is related to BSERV-8123 [ BSERV-8123 ]
            Ben Humphreys made changes -
            Fix Version/s New: 4.1.3 [ 60159 ]
            Fix Version/s Original: 4.1.1 [ 60133 ]

              Unassigned Unassigned
              behumphreys Ben Humphreys
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: