forked from sonatype/plexus-archiver
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Use apache-commons-compress for bzip2 compression/decompression
Plexus Archiver contains old bzip2 compression and decompression code which is appearently forked from Apache Ant. The same code is currently maintained as part of Apache Commons Compress. The bundled bzip2 code is very outdated. It has several bugs, serious performance problems, including CVE-2012-2098 vulnerability, which can be used to cause denial of service. To fix security vulnerability and prevent future problems bundled bzip2 code is removed and replaced by calls to Apache Commons Compress library.
- Loading branch information
Showing
9 changed files
with
16 additions
and
3,182 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
110 changes: 0 additions & 110 deletions
110
src/main/java/org/codehaus/plexus/archiver/bzip2/BZip2Constants.java
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.