xmlgraphics-commons 2.1 has CVE-2017-5661 vulnerability

[avoiculet]

Our dependency security analyser tool highlighted the xmlgraphics-commons library as having the following vulnerability: https://nvd.nist.gov/vuln/detail/CVE-2017-5661 . There are references online (more or less trustworthy) that mention that batik may also be suffering from it rather than just Apache FOP (maybe this common lib is used by both ?). I confess to not understanding these tools to the level where I could say with confidence if this vulnerability is an issue or not.

Updating the library fixes this.