From c0f1569ad98aa44bd4ee2712ff1f3de974a28091 Mon Sep 17 00:00:00 2001
From: hh44h1144 <huyongquan@ecloude.com>
Date: 星期五, 12 三月 2021 16:59:06 +0800
Subject: [PATCH] 修复commons-collections引起的反序列化漏洞

---
 ruoyi-generator/pom.xml |    6 +++++-
 pom.xml                 |   12 +++++++++++-
 2 files changed, 16 insertions(+), 2 deletions(-)

diff --git a/pom.xml b/pom.xml
index c9377ce..ecc6df1 100644
--- a/pom.xml
+++ b/pom.xml
@@ -136,8 +136,18 @@
                 <groupId>org.apache.velocity</groupId>
                 <artifactId>velocity</artifactId>
                 <version>${velocity.version}</version>
+                <exclusions>
+                    <exclusion>
+                        <groupId>commons-collections</groupId>
+                        <artifactId>commons-collections</artifactId>
+                    </exclusion>
+                </exclusions>
             </dependency>
-	        
+            <dependency>
+                <groupId>commons-collections</groupId>
+                <artifactId>commons-collections</artifactId>
+                <version>3.2.2</version>
+            </dependency>
             <!-- 阿里JSON解析器 -->
             <dependency>
                 <groupId>com.alibaba</groupId>
diff --git a/ruoyi-generator/pom.xml b/ruoyi-generator/pom.xml
index 594d0b3..795d650 100644
--- a/ruoyi-generator/pom.xml
+++ b/ruoyi-generator/pom.xml
@@ -22,7 +22,11 @@
             <groupId>org.apache.velocity</groupId>
             <artifactId>velocity</artifactId>
         </dependency>
-
+        <!--commons-collections-->
+        <dependency>
+            <groupId>commons-collections</groupId>
+            <artifactId>commons-collections</artifactId>
+        </dependency>
         <!-- 通用工具-->
         <dependency>
             <groupId>com.ruoyi</groupId>

--
Gitblit v1.9.2