From 51045662605d5ff9aa48fdf52201c02e8de634cd Mon Sep 17 00:00:00 2001
From: Vinod Anandan <vinod@owasp.org>
Date: Mon, 14 Aug 2017 22:01:53 +0100
Subject: [PATCH] CVE-2017-9801 ( commons-email )

When a call-site passes a subject for an email that contains line-breaks in Apache Commons Email 1.0 through 1.4, the caller can add arbitrary SMTP headers.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9801
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index ec3b222af0c..ad4bb79ded1 100644
--- a/pom.xml
+++ b/pom.xml
@@ -744,7 +744,7 @@
       <dependency>
         <groupId>org.apache.commons</groupId>
         <artifactId>commons-email</artifactId>
-        <version>1.3.2</version>
+        <version>1.5</version>
       </dependency>
       <dependency>
         <groupId>commons-lang</groupId>
-- 
2.39.5