Security update for apache-commons-beanutils
This update for apache-commons-beanutils fixes the following issues:
Security issue fixed:
- CVE-2019-10086: Added special BeanIntrospector class which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects (bsc#1146657).
This update was imported from the SUSE:SLE-15:Update update project.
-
Submitted by
Pedro Monreal Gonzalez (pmonrealgonzalez)
Fixed bugs
bnc#1146657
VUL-0: CVE-2019-10086: apache-commons-beanutils: In 1.9.2, a BeanIntrospector class was added to thwart CVE-2014-0224 but is not used by default
