Hello Commons,
As you might know Commons Text recently published a CVE. It seems there is
a fair bit of confusion about its severity online, so it seems like a good
idea to publish a statement around that on the website.
I've proposed one at https://github.com/apache/commons-text/pull/374 and
I'd
I have an unpublished security page in the repo already. Let's not
duplicate information like this PR does please. Publishing a non-snapshot
site is a pain and I don't want to do more than I have to. There is no need
to buy in and promote the FUD on the front page IMO. This component will
soon publ
FYI: I updated the security page
https://commons.apache.org/proper/commons-text/security.html
Gary
On Tue, Oct 18, 2022 at 4:25 PM Gary Gregory wrote:
>
> I have an unpublished security page in the repo already. Let's not duplicate
> information like this PR does please. Publishing a non-snapsh
