ML Java Client v2.0.5 - CVE vulnerability (CVE-2014-0107)

[davidbcollins]

A known vulnerability exists in a dependency: CVE-2014-0107.

It is in xalan-2.7.1 which is a dependency of jdom2-2.0.5.

[sammefford]

Fixed by commit f13e091

[sammefford]

@georgeajit could you just make sure this didn't introduce any regressions?

[georgeajit]

No regressions seen. Verified on 05/04/2017 regression status page. The project has the newer versions of Jars in local maven repository,as specified in the commit.