Ubuntu
libcommons-collections3-java package

  1. Bug #1514985
  2. Comment #5

Comment 5 for bug 1514985

Revision history for this message
Bert Driehuis (driehuis) wrote :

Redhat released their fixed rpm referencing CVE-2015-7501 (RHSA-2015:2521). It looks like they cherrypicked the COLLECTIONS-580.patch and released it as jakarta-commons-collections 0:3.2.1-3.5.el6_7.

As usual, MITRE still has CVE-2015-7501 as "reserved".