We don't want to have to remediate this vulnerability each time a new agent is deployed.
Release : 12.0
Q : when will an updated image be released?
A : Next GA release of autosys will include the required changes(commons-text-1.10.0.jar).
As it is a Third-party patch to the existing Autosys ISO. We are not generating any new ISO for 12.1. However you can proceed with the below solutions.
Proposed solutions:
1. The file can be deleted once the installer/upgrade is done.
or
2. You can extract the ISO and replace the Apache Commons text (commons-text-1.8.jar or commons-text-1.9.jar) which is located at
ISO modules/JARS directory (Example: iso/modules/JARS) folder with the commons-text-1.10.0.jar and install the product.
So the installer/Upgrade process will make use of the commons-text-1.10.0.jar.