velocity剔除commons-collections版本,防止3.2.1版本的反序列化漏洞
This commit is contained in:
parent
b2e48a2345
commit
ec384f60a5
16
pom.xml
16
pom.xml
@ -30,6 +30,7 @@
|
||||
<druid.version>1.2.4</druid.version>
|
||||
<commons.io.version>2.5</commons.io.version>
|
||||
<commons.fileupload.version>1.3.3</commons.fileupload.version>
|
||||
<commons.collections.version>3.2.2</commons.collections.version>
|
||||
<bitwalker.version>1.21</bitwalker.version>
|
||||
<jwt.version>0.9.1</jwt.version>
|
||||
<kaptcha.version>2.3.2</kaptcha.version>
|
||||
@ -219,11 +220,24 @@
|
||||
<version>${poi.version}</version>
|
||||
</dependency>
|
||||
|
||||
<!--velocity代码生成使用模板 -->
|
||||
<!-- velocity代码生成使用模板 -->
|
||||
<dependency>
|
||||
<groupId>org.apache.velocity</groupId>
|
||||
<artifactId>velocity</artifactId>
|
||||
<version>${velocity.version}</version>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>commons-collections</groupId>
|
||||
<artifactId>commons-collections</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
|
||||
<!-- collections工具类 -->
|
||||
<dependency>
|
||||
<groupId>commons-collections</groupId>
|
||||
<artifactId>commons-collections</artifactId>
|
||||
<version>${commons.collections.version}</version>
|
||||
</dependency>
|
||||
|
||||
<!-- 定时任务 -->
|
||||
|
@ -25,7 +25,7 @@ import com.ruoyi.framework.web.page.TableSupport;
|
||||
*/
|
||||
public class BaseController
|
||||
{
|
||||
protected final Logger logger = LoggerFactory.getLogger(BaseController.class);
|
||||
protected final Logger logger = LoggerFactory.getLogger(this.getClass());
|
||||
|
||||
/**
|
||||
* 将前台传递过来的日期格式的字符串,自动转化为Date类型
|
||||
|
Loading…
Reference in New Issue
Block a user