Wicket 1.5.16 released

05 Aug 2016

This is the sixteenth maintenance release of the Wicket 1.5.x series. This release brings over 2 bug fixes.

CHANGELOG for 1.5.16:

Bug

• CVE-2013-2186: Disable (de)serialization of Commons FileUpload items.
• CVE-2016-3092: Apache Commons Fileupload information disclosure vulnerability

To use in Maven:

<dependency>
    <groupId>org.apache.wicket</groupId>
    <artifactId>wicket-core</artifactId>
    <version>1.5.16</version>
</dependency>

Download the full distribution (including sources)