Why don't CI services upgrade to Maven 3.0.5?

Do they just wait for someone to exploit the vulnerability?
2013-03-11 09:11:11 +09:00 · 2013-03-11 09:11:11 +09:00 · 27b2f1304b
commit 27b2f1304b
parent 5d65bbc0a9
1 changed files with 1 additions and 1 deletions
--- a/pom.xml
+++ b/pom.xml
@ -273,7 +273,7 @@
                  <version>[1.7.0,)</version>
                </requireJavaVersion>
                <requireMavenVersion>
-                  <version>[3.0.5,)</version>
+                  <version>[3.0.4,)</version>
                </requireMavenVersion>
              </rules>
            </configuration>