diff --git a/CVE-2021-29425-1.patch b/CVE-2021-29425-1.patch deleted file mode 100644 index dce67f8e24a69ea904bd0070b0190e313741cac8..0000000000000000000000000000000000000000 --- a/CVE-2021-29425-1.patch +++ /dev/null @@ -1,182 +0,0 @@ -From 2736b6fe0b3fa22ec8e2b4184897ecadb021fc78 Mon Sep 17 00:00:00 2001 -From: Stefan Bodewig -Date: Thu, 21 Dec 2017 13:49:06 +0100 -Subject: [PATCH 1/4] IO-559 verify hostname part of suspected UNC paths in - FileNameUtils - ---- - .../org/apache/commons/io/FilenameUtils.java | 147 +++++++++++++++++- - 1 files changed, 146 insertions(+), 1 deletion(-) - -diff --git a/src/main/java/org/apache/commons/io/FilenameUtils.java b/src/main/java/org/apache/commons/io/FilenameUtils.java -index 9cddebb6..cdbc41c2 100644 ---- a/src/main/java/org/apache/commons/io/FilenameUtils.java -+++ b/src/main/java/org/apache/commons/io/FilenameUtils.java -@@ -19,8 +19,12 @@ package org.apache.commons.io; - import java.io.File; - import java.io.IOException; - import java.util.ArrayList; -+import java.util.Arrays; - import java.util.Collection; -+import java.util.List; - import java.util.Stack; -+import java.util.regex.Matcher; -+import java.util.regex.Pattern; - - /** - * General filename and filepath manipulation utilities. -@@ -679,7 +683,9 @@ public class FilenameUtils { - } - posUnix = posUnix == NOT_FOUND ? posWin : posUnix; - posWin = posWin == NOT_FOUND ? posUnix : posWin; -- return Math.min(posUnix, posWin) + 1; -+ int pos = Math.min(posUnix, posWin) + 1; -+ String hostnamePart = filename.substring(2, pos - 1); -+ return isValidHostName(hostnamePart) ? pos : NOT_FOUND; - } else { - return isSeparator(ch0) ? 1 : 0; - } -@@ -1450,4 +1456,143 @@ public class FilenameUtils { - return list.toArray( new String[ list.size() ] ); - } - -+ /** -+ * Checks whether a given string is a valid host name according to -+ * RFC 3986. -+ * -+ *

Accepted are IP addresses (v4 and v6) as well as what the -+ * RFC calls a "reg-name". Percent encoded names don't seem to be -+ * valid names in UNC paths.

-+ * -+ * @see "https://tools.ietf.org/html/rfc3986#section-3.2.2" -+ * @param name the hostname to validate -+ * @return true if the given name is a valid host name -+ */ -+ private static boolean isValidHostName(String name) { -+ return isIPv4Address(name) || isIPv6Address(name) || isRFC3986HostName(name); -+ } -+ -+ private static final Pattern IPV4_PATTERN = -+ Pattern.compile("^(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})$"); -+ private static final int IPV4_MAX_OCTET_VALUE = 255; -+ -+ // mostly copied from org.apache.commons.validator.routines.InetAddressValidator#isValidInet4Address -+ private static boolean isIPv4Address(String name) { -+ Matcher m = IPV4_PATTERN.matcher(name); -+ if (!m.matches() || m.groupCount() != 4) { -+ return false; -+ } -+ -+ // verify that address subgroups are legal -+ for (int i = 1; i < 5; i++) { -+ String ipSegment = m.group(i); -+ if (ipSegment == null || ipSegment.length() == 0) { -+ return false; -+ } -+ -+ int iIpSegment = 0; -+ -+ try { -+ iIpSegment = Integer.parseInt(ipSegment); -+ } catch(NumberFormatException e) { -+ return false; -+ } -+ -+ if (iIpSegment > IPV4_MAX_OCTET_VALUE) { -+ return false; -+ } -+ -+ if (ipSegment.length() > 1 && ipSegment.startsWith("0")) { -+ return false; -+ } -+ -+ } -+ -+ return true; -+ } -+ -+ private static final int IPV6_MAX_HEX_GROUPS = 8; -+ private static final int IPV6_MAX_HEX_DIGITS_PER_GROUP = 4; -+ private static final int MAX_UNSIGNED_SHORT = 0xffff; -+ private static final int BASE_16 = 16; -+ -+ // copied from org.apache.commons.validator.routines.InetAddressValidator#isValidInet6Address -+ private static boolean isIPv6Address(String inet6Address) { -+ boolean containsCompressedZeroes = inet6Address.contains("::"); -+ if (containsCompressedZeroes && (inet6Address.indexOf("::") != inet6Address.lastIndexOf("::"))) { -+ return false; -+ } -+ if ((inet6Address.startsWith(":") && !inet6Address.startsWith("::")) -+ || (inet6Address.endsWith(":") && !inet6Address.endsWith("::"))) { -+ return false; -+ } -+ String[] octets = inet6Address.split(":"); -+ if (containsCompressedZeroes) { -+ List octetList = new ArrayList(Arrays.asList(octets)); -+ if (inet6Address.endsWith("::")) { -+ // String.split() drops ending empty segments -+ octetList.add(""); -+ } else if (inet6Address.startsWith("::") && !octetList.isEmpty()) { -+ octetList.remove(0); -+ } -+ octets = octetList.toArray(new String[octetList.size()]); -+ } -+ if (octets.length > IPV6_MAX_HEX_GROUPS) { -+ return false; -+ } -+ int validOctets = 0; -+ int emptyOctets = 0; // consecutive empty chunks -+ for (int index = 0; index < octets.length; index++) { -+ String octet = octets[index]; -+ if (octet.length() == 0) { -+ emptyOctets++; -+ if (emptyOctets > 1) { -+ return false; -+ } -+ } else { -+ emptyOctets = 0; -+ // Is last chunk an IPv4 address? -+ if (index == octets.length - 1 && octet.contains(".")) { -+ if (!isIPv4Address(octet)) { -+ return false; -+ } -+ validOctets += 2; -+ continue; -+ } -+ if (octet.length() > IPV6_MAX_HEX_DIGITS_PER_GROUP) { -+ return false; -+ } -+ int octetInt = 0; -+ try { -+ octetInt = Integer.parseInt(octet, BASE_16); -+ } catch (NumberFormatException e) { -+ return false; -+ } -+ if (octetInt < 0 || octetInt > MAX_UNSIGNED_SHORT) { -+ return false; -+ } -+ } -+ validOctets++; -+ } -+ if (validOctets > IPV6_MAX_HEX_GROUPS || (validOctets < IPV6_MAX_HEX_GROUPS && !containsCompressedZeroes)) { -+ return false; -+ } -+ return true; -+ } -+ -+ private static final Pattern REG_NAME_PART_PATTERN = Pattern.compile("^[a-zA-Z0-9][a-zA-Z0-9-]*$"); -+ -+ private static boolean isRFC3986HostName(String name) { -+ String[] parts = name.split("\\.", -1); -+ for (int i = 0; i < parts.length; i++) { -+ if (parts[i].length() == 0) { -+ // trailing dot is legal, otherwise we've hit a .. sequence -+ return i == parts.length - 1; -+ } -+ if (!REG_NAME_PART_PATTERN.matcher(parts[i]).matches()) { -+ return false; -+ } -+ } -+ return true; -+ } - } diff --git a/CVE-2021-29425-2.patch b/CVE-2021-29425-2.patch deleted file mode 100644 index 2acb61c1ea8614ee44e08e36bf6107d4d4485330..0000000000000000000000000000000000000000 --- a/CVE-2021-29425-2.patch +++ /dev/null @@ -1,57 +0,0 @@ -From 71639e041876e4dca28785ac3e61d80ecc33db44 Mon Sep 17 00:00:00 2001 -From: Stefan Bodewig -Date: Wed, 16 May 2018 08:49:15 +0200 -Subject: [PATCH 2/4] checkstyle requires javadocs on private methods? - ---- - .../org/apache/commons/io/FilenameUtils.java | 20 +++++++++++++++++++ - 1 file changed, 20 insertions(+) - -diff --git a/src/main/java/org/apache/commons/io/FilenameUtils.java b/src/main/java/org/apache/commons/io/FilenameUtils.java -index cdbc41c2..a829f8c7 100644 ---- a/src/main/java/org/apache/commons/io/FilenameUtils.java -+++ b/src/main/java/org/apache/commons/io/FilenameUtils.java -@@ -1476,6 +1476,12 @@ public class FilenameUtils { - Pattern.compile("^(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})$"); - private static final int IPV4_MAX_OCTET_VALUE = 255; - -+ /** -+ * Checks whether a given string represents a valid IPv4 address. -+ * -+ * @param name the name to validate -+ * @return true if the given name is a valid IPv4 address -+ */ - // mostly copied from org.apache.commons.validator.routines.InetAddressValidator#isValidInet4Address - private static boolean isIPv4Address(String name) { - Matcher m = IPV4_PATTERN.matcher(name); -@@ -1517,6 +1523,12 @@ public class FilenameUtils { - private static final int BASE_16 = 16; - - // copied from org.apache.commons.validator.routines.InetAddressValidator#isValidInet6Address -+ /** -+ * Checks whether a given string represents a valid IPv6 address. -+ * -+ * @param inet6Address the name to validate -+ * @return true if the given name is a valid IPv6 address -+ */ - private static boolean isIPv6Address(String inet6Address) { - boolean containsCompressedZeroes = inet6Address.contains("::"); - if (containsCompressedZeroes && (inet6Address.indexOf("::") != inet6Address.lastIndexOf("::"))) { -@@ -1582,6 +1594,14 @@ public class FilenameUtils { - - private static final Pattern REG_NAME_PART_PATTERN = Pattern.compile("^[a-zA-Z0-9][a-zA-Z0-9-]*$"); - -+ /** -+ * Checks whether a given string is a valid host name according to -+ * RFC 3986 - not accepting IP addresses. -+ * -+ * @see "https://tools.ietf.org/html/rfc3986#section-3.2.2" -+ * @param name the hostname to validate -+ * @return true if the given name is a valid host name -+ */ - private static boolean isRFC3986HostName(String name) { - String[] parts = name.split("\\.", -1); - for (int i = 0; i < parts.length; i++) { --- -2.23.0 - diff --git a/CVE-2021-29425-3.patch b/CVE-2021-29425-3.patch deleted file mode 100644 index 15011e08f0220a06159ed7df46376546ed71d0b3..0000000000000000000000000000000000000000 --- a/CVE-2021-29425-3.patch +++ /dev/null @@ -1,26 +0,0 @@ -From bb388f116290c3e3ff244082fd5c376a45a5c798 Mon Sep 17 00:00:00 2001 -From: Stefan Bodewig -Date: Thu, 17 May 2018 21:03:26 +0200 -Subject: [PATCH 3/4] isRFC3986HostName applies to IPv4 addresses so we can - safe the test - ---- - src/main/java/org/apache/commons/io/FilenameUtils.java | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/main/java/org/apache/commons/io/FilenameUtils.java b/src/main/java/org/apache/commons/io/FilenameUtils.java -index a829f8c7..b93476bb 100644 ---- a/src/main/java/org/apache/commons/io/FilenameUtils.java -+++ b/src/main/java/org/apache/commons/io/FilenameUtils.java -@@ -1469,7 +1469,7 @@ public class FilenameUtils { - * @return true if the given name is a valid host name - */ - private static boolean isValidHostName(String name) { -- return isIPv4Address(name) || isIPv6Address(name) || isRFC3986HostName(name); -+ return isIPv6Address(name) || isRFC3986HostName(name); - } - - private static final Pattern IPV4_PATTERN = --- -2.23.0 - diff --git a/CVE-2021-29425-4.patch b/CVE-2021-29425-4.patch deleted file mode 100644 index 07f734fa04c2fe77d52887b0a7288dfb6564667e..0000000000000000000000000000000000000000 --- a/CVE-2021-29425-4.patch +++ /dev/null @@ -1,40 +0,0 @@ -From 0842e1f60a1ca36c8db76a00c6001a38174de21b Mon Sep 17 00:00:00 2001 -From: Stefan Bodewig -Date: Thu, 17 May 2018 21:04:34 +0200 -Subject: [PATCH 4/4] remove IPv4 checks that are unnnecessary due to matching - regex - ---- - .../java/org/apache/commons/io/FilenameUtils.java | 15 ++------------- - 1 file changed, 2 insertions(+), 13 deletions(-) - -diff --git a/src/main/java/org/apache/commons/io/FilenameUtils.java b/src/main/java/org/apache/commons/io/FilenameUtils.java -index b93476bb..5da8f786 100644 ---- a/src/main/java/org/apache/commons/io/FilenameUtils.java -+++ b/src/main/java/org/apache/commons/io/FilenameUtils.java -@@ -1490,20 +1490,9 @@ public class FilenameUtils { - } - - // verify that address subgroups are legal -- for (int i = 1; i < 5; i++) { -+ for (int i = 1; i <= 4; i++) { - String ipSegment = m.group(i); -- if (ipSegment == null || ipSegment.length() == 0) { -- return false; -- } -- -- int iIpSegment = 0; -- -- try { -- iIpSegment = Integer.parseInt(ipSegment); -- } catch(NumberFormatException e) { -- return false; -- } -- -+ int iIpSegment = Integer.parseInt(ipSegment); - if (iIpSegment > IPV4_MAX_OCTET_VALUE) { - return false; - } --- -2.23.0 - diff --git a/Remove-undefined-parameter-from-maven-surefire-plugi.patch b/Remove-undefined-parameter-from-maven-surefire-plugi.patch new file mode 100644 index 0000000000000000000000000000000000000000..2a727e321e761c40c7d60905975bfca190ab0663 --- /dev/null +++ b/Remove-undefined-parameter-from-maven-surefire-plugi.patch @@ -0,0 +1,33 @@ +From 35925e92cace7cafc040491d590716d0369ea3f8 Mon Sep 17 00:00:00 2001 +From: wang--ge +Date: Wed, 13 Nov 2024 16:18:02 +0800 +Subject: [PATCH] remove undefined parameter from maven-surefire-plugin + +--- + pom.xml | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/pom.xml b/pom.xml +index d43ebd2..d29ed63 100644 +--- a/pom.xml ++++ b/pom.xml +@@ -403,6 +403,7 @@ file comparators, endian transformation classes, and much more. + org.apache.maven.plugins + maven-surefire-plugin + ++ true + + xerces:xercesImpl + +@@ -410,7 +411,7 @@ file comparators, endian transformation classes, and much more. + false + + +- ${argLine} -Xmx25M ++ -Xmx25M + + + **/*Test*.class +-- +2.46.0 + diff --git a/XmlStreamReader-can-t-parse-XML-document-with-multi-.patch b/XmlStreamReader-can-t-parse-XML-document-with-multi-.patch new file mode 100644 index 0000000000000000000000000000000000000000..84362d0f8d509f6d7afdfdf28e1cf6baac07bc46 --- /dev/null +++ b/XmlStreamReader-can-t-parse-XML-document-with-multi-.patch @@ -0,0 +1,101 @@ +From 17f8b44d50372f4b540059232ed0ffa189eceb62 Mon Sep 17 00:00:00 2001 +From: Gary Gregory +Date: Tue, 2 Jan 2024 09:08:58 -0500 +Subject: [PATCH] XmlStreamReader can't parse XML document with multi-line + prolog #550 + +- Apply PR #550, not merged or would have caused the build to fail. +- Implement fix + +Origin: +https://github.com/apache/commons-io/commit/17f8b44d50372f4b540059232ed0ffa189eceb62 +--- + .../apache/commons/io/input/XmlStreamReader.java | 16 +++++++++++----- + .../commons/io/input/XmlStreamReaderTest.java | 10 ++++++++++ + 2 files changed, 21 insertions(+), 5 deletions(-) + +diff --git a/src/main/java/org/apache/commons/io/input/XmlStreamReader.java b/src/main/java/org/apache/commons/io/input/XmlStreamReader.java +index 2b9b379..ff16987 100644 +--- a/src/main/java/org/apache/commons/io/input/XmlStreamReader.java ++++ b/src/main/java/org/apache/commons/io/input/XmlStreamReader.java +@@ -214,6 +214,16 @@ public class XmlStreamReader extends Reader { + *

+ * See also the XML specification. + *

++ *

++ * Note the documented pattern is: ++ *

++ * 
++     * EncName   ::=   [A-Za-z] ([A-Za-z0-9._] | '-')*
++     *
++ *

++ * However this does not match all the aliases that are supported by Java. ++ * For example, '437', 'ISO_8859-1:1987' and 'ebcdic-de-273+euro'. ++ *

+ */ + public static final Pattern ENCODING_PATTERN = Pattern.compile( + // @formatter:off +@@ -223,10 +233,6 @@ public class XmlStreamReader extends Reader { + + "((?:\"[A-Za-z0-9][A-Za-z0-9._+:-]*\")" // double-quoted + + "|(?:'[A-Za-z0-9][A-Za-z0-9._+:-]*'))", // single-quoted + Pattern.MULTILINE); +- // N.B. the documented pattern is +- // EncName ::= [A-Za-z] ([A-Za-z0-9._] | '-')* +- // However this does not match all the aliases that are supported by Java. +- // e.g. '437', 'ISO_8859-1:1987' and 'ebcdic-de-273+euro' + // @formatter:on + + private static final String RAW_EX_1 = "Illegal encoding, BOM [{0}] XML guess [{1}] XML prolog [{2}] encoding mismatch"; +@@ -325,7 +331,7 @@ public class XmlStreamReader extends Reader { + inputStream.reset(); + final BufferedReader bReader = new BufferedReader(new StringReader(xmlProlog.substring(0, firstGT + 1))); + final StringBuilder prolog = new StringBuilder(); +- IOConsumer.forEach(bReader.lines(), prolog::append); ++ IOConsumer.forEach(bReader.lines(), l -> prolog.append(l).append(' ')); + final Matcher m = ENCODING_PATTERN.matcher(prolog); + if (m.find()) { + encoding = m.group(1).toUpperCase(Locale.ROOT); +diff --git a/src/test/java/org/apache/commons/io/input/XmlStreamReaderTest.java b/src/test/java/org/apache/commons/io/input/XmlStreamReaderTest.java +index 63d587a..de986c9 100644 +--- a/src/test/java/org/apache/commons/io/input/XmlStreamReaderTest.java ++++ b/src/test/java/org/apache/commons/io/input/XmlStreamReaderTest.java +@@ -60,6 +60,8 @@ public class XmlStreamReaderTest { + private static final String UTF_32LE = "UTF-32LE"; + private static final String UTF_32BE = "UTF-32BE"; + private static final String UTF_8 = StandardCharsets.UTF_8.name(); ++ ++ private static final String XML6 = "xml-prolog-encoding-new-line"; + private static final String XML5 = "xml-prolog-encoding-spaced-single-quotes"; + private static final String XML4 = "xml-prolog-encoding-single-quotes"; + private static final String XML3 = "xml-prolog-encoding-double-quotes"; +@@ -102,6 +104,8 @@ public class XmlStreamReaderTest { + + private static final MessageFormat XML_WITH_PROLOG = new MessageFormat( + "\n{2}"); ++ private static final MessageFormat XML_WITH_PROLOG_AND_ENCODING_NEW_LINES = new MessageFormat( ++ "\n{2}"); + + private static final MessageFormat XML_WITH_PROLOG_AND_ENCODING_DOUBLE_QUOTES = new MessageFormat( + "\n{2}"); +@@ -123,6 +127,7 @@ public class XmlStreamReaderTest { + XMLs.put(XML3, XML_WITH_PROLOG_AND_ENCODING_DOUBLE_QUOTES); + XMLs.put(XML4, XML_WITH_PROLOG_AND_ENCODING_SINGLE_QUOTES); + XMLs.put(XML5, XML_WITH_PROLOG_AND_ENCODING_SPACED_SINGLE_QUOTES); ++ XMLs.put(XML6, XML_WITH_PROLOG_AND_ENCODING_NEW_LINES); + } + + /** +@@ -624,5 +629,10 @@ public class XmlStreamReaderTest { + xmlReader = new XmlStreamReader(is); + assertEquals(xmlReader.getEncoding(), encoding); + xmlReader.close(); ++ ++ is = getXmlInputStream("no-bom", XML6, encoding, encoding); ++ xmlReader = new XmlStreamReader(is); ++ assertEquals(xmlReader.getEncoding(), encoding); ++ xmlReader.close(); + } + } +-- +2.47.0 + diff --git a/apache-commons-io.spec b/apache-commons-io.spec index f079b980e3e5bc6a2390b96e4475d6169bc06d7f..2a7496e7352409ae1b6eac67d7466d8c4ce61961 100644 --- a/apache-commons-io.spec +++ b/apache-commons-io.spec @@ -1,18 +1,21 @@ Name: apache-commons-io Epoch: 1 -Version: 2.6 -Release: 8 +Version: 2.15.1 +Release: 1 Summary: A library of utilities for developing IO functionality. License: ASL 2.0 URL: http://commons.apache.org/proper/commons-io Source0: http://archive.apache.org/dist/commons/io/source/commons-io-%{version}-src.tar.gz -Patch0000: CVE-2021-29425-1.patch -Patch0001: CVE-2021-29425-2.patch -Patch0002: CVE-2021-29425-3.patch -Patch0003: CVE-2021-29425-4.patch +Patch0: Remove-undefined-parameter-from-maven-surefire-plugi.patch +Patch1: XmlStreamReader-can-t-parse-XML-document-with-multi-.patch BuildArch: noarch BuildRequires: mvn(org.apache.maven.plugins:maven-antrun-plugin) maven-local BuildRequires: mvn(org.apache.commons:commons-parent:pom:) mvn(junit:junit) +BuildRequires: mvn(org.junit.jupiter:junit-jupiter-api) +BuildRequires: mvn(org.junit.jupiter:junit-jupiter-params) +BuildRequires: mvn(org.mockito:mockito-core) +BuildRequires: mvn(org.openjdk.jmh:jmh-core) +BuildRequires: mvn(org.openjdk.jmh:jmh-generator-annprocess) %description Apache commons IO library is used for developing IO functionality. It contains a collecton of utilities with @@ -28,13 +31,28 @@ Help documents for apache-commons-io. %prep %autosetup -n commons-io-%{version}-src -p1 -# remove test -%pom_xpath_remove "pom:dependency[pom:artifactId='junit']/pom:scope" +%pom_change_dep -r org.junit.jupiter:junit-jupiter org.junit.jupiter:junit-jupiter-api +%pom_add_dep org.junit.jupiter:junit-jupiter-params +%pom_remove_dep org.junit-pioneer:junit-pioneer +%pom_remove_dep com.google.jimfs:jimfs +%pom_change_dep -r org.mockito:mockito-inline org.mockito:mockito-core +%pom_add_plugin org.apache.maven.plugins:maven-javadoc-plugin + +#Because openEuler did not introduce some toolkit package related to several +#test cases, adaptation was made to test cases that openEuler does not support +rm -rf src/test/java/org/apache/commons/io/input/ReversedLinesFileReaderTestParamFile.java +sed -i '/junitpioneer/d' src/test/java/org/apache/commons/io/input/XmlStreamReaderTest.java +sed -i '/DefaultLocale/,+12d' src/test/java/org/apache/commons/io/input/XmlStreamReaderTest.java +sed -i '/junitpioneer/d' src/test/java/org/apache/commons/io/output/XmlStreamWriterTest.java +sed -i '/Turkish language has specific rules/,+32d' src/test/java/org/apache/commons/io/output/XmlStreamWriterTest.java +sed -i '/Timeout/d' src/test/java/org/apache/commons/io/input/ReaderInputStreamTest.java +sed -i '/If data is not available in queue/,+11d' src/test/java/org/apache/commons/io/input/QueueInputStreamTest.java +sed -i '/Stopwatch/d' src/test/java/org/apache/commons/io/input/QueueInputStreamTest.java %build %mvn_file : commons-io %{name} %mvn_alias : org.apache.commons: -%mvn_build --skipTests +%mvn_build --skipTests --xmvn-javadoc %install %mvn_install @@ -49,6 +67,9 @@ xmvn test --batch-mode --offline verify %doc RELEASE-NOTES.txt %changelog +* Mon Dec 09 2024 yaoxin - 1:2.15.1-1 +- Update to 2.15.1 for fix CVE-2024-47554 + * Fri Sep 23 2022 yaoxin - 1:2.6-8 - Remove the empty Ignore-some-test-because-bep.patch file. diff --git a/commons-io-2.15.1-src.tar.gz b/commons-io-2.15.1-src.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..446899c5a9819f73848e6102ef179d688ed6ad04 Binary files /dev/null and b/commons-io-2.15.1-src.tar.gz differ diff --git a/commons-io-2.6-src.tar.gz b/commons-io-2.6-src.tar.gz deleted file mode 100644 index 5347e29446097fcee89ee20b0e1a5d59ce96deff..0000000000000000000000000000000000000000 Binary files a/commons-io-2.6-src.tar.gz and /dev/null differ