From c0f1569ad98aa44bd4ee2712ff1f3de974a28091 Mon Sep 17 00:00:00 2001
From: hh44h1144 <huyongquan@ecloude.com>
Date: Fri, 12 Mar 2021 16:59:06 +0800
Subject: [PATCH] 修复commons-collections引起的反序列化漏洞

---
 pom.xml |   12 +++++++++++-
 1 files changed, 11 insertions(+), 1 deletions(-)

diff --git a/pom.xml b/pom.xml
index c9377ce..ecc6df1 100644
--- a/pom.xml
+++ b/pom.xml
@@ -136,8 +136,18 @@
                 <groupId>org.apache.velocity</groupId>
                 <artifactId>velocity</artifactId>
                 <version>${velocity.version}</version>
+                <exclusions>
+                    <exclusion>
+                        <groupId>commons-collections</groupId>
+                        <artifactId>commons-collections</artifactId>
+                    </exclusion>
+                </exclusions>
             </dependency>
-	        
+            <dependency>
+                <groupId>commons-collections</groupId>
+                <artifactId>commons-collections</artifactId>
+                <version>3.2.2</version>
+            </dependency>
             <!-- 阿里JSON解析器 -->
             <dependency>
                 <groupId>com.alibaba</groupId>

--
Gitblit v1.9.2