968
77%

Ran 08 Mar 2016 06:03PM UTC

Jobs 1

Files 172

Run time 20s

Badge

Embed ▾

pending completion

Build # 968

Build Type

Pull #317

travis-ci

Committed by

fcfort

Commit Message

Upgrade Apache Commons Collections to v3.2.2

Version 3.2.1 has a CVSS 10.0 vulnerability. That's the worst kind of
vulnerability that exists. By merely existing on the classpath, this
library causes the Java serialization parser for the entire JVM process
to go from being a state machine to a turing machine. A turing machine
with an exec() function!

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8103
https://commons.apache.org/proper/commons-collections/security-reports.html
http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/

Pull Request Pull Request #317: Upgrade Apache Commons Collections to v3.2.2

Run Details

5042 of 6577 relevant lines covered (76.66%)

34.9 hits per line

Jobs

ID	Job ID	Ran	Files	Coverage
1	968.1	08 Mar 2016 06:03PM UTC	0	76.66	Travis Job 968.1

buddycloud / buddycloud-server-java / 968
77%

README BADGES
x

Markdown

Textile

RDoc

HTML

Rst

Jobs

Source Files on build 968

buddycloud / buddycloud-server-java / 968 77%

README BADGES x

Markdown

Textile

RDoc

HTML

Rst

Jobs

Source Files on build 968

buddycloud / buddycloud-server-java / 968
77%

README BADGES
x