Ivan SZKIBA

The package org.ini4j before 0.5.4 are vulnerable to get value via the fetch() method in BasicProfile class, which may lead to DoS attacks.

Hello, A fix for this specific vulnerability (CVE-2022-41404) has been prioritized and is scheduled for the upcoming v0.6.0 release. The project is currently migrating to GitHub to modernize the build pipeline and deliver this security patch effectively. Please be patient while the infrastructure is finalized to support the new release. You can track the migration progress and release status here: https://github.com/ini4j/ini4j/issues/1 The fix will be published to Maven Central as soon as v0.6.0...

ini4j has moved to GitHub! (Revival & v0.6.0 Roadmap)

The package org.ini4j before 0.5.4 are vulnerable to get value via the fetch() method in BasicProfile class, which may lead to DoS attacks.

fix central repo deploy problem

[maven-release-plugin] prepare for next develop...

[maven-release-plugin] copy for tag ini4j-0.5.4

[maven-release-plugin] prepare release ini4j-0.5.4