ofbiz-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jacques Le Roux (Jira)" <j...@apache.org>
Subject [jira] [Created] (OFBIZ-11353) Temporarily comment out the "stream" request-map in commonext controller.xml for security reason
Date Fri, 14 Feb 2020 08:40:00 GMT
Jacques Le Roux created OFBIZ-11353:
---------------------------------------

             Summary: Temporarily comment out the "stream" request-map in commonext controller.xml
for security reason
                 Key: OFBIZ-11353
                 URL: https://issues.apache.org/jira/browse/OFBIZ-11353
             Project: OFBiz
          Issue Type: Bug
          Components: ALL COMPONENTS
    Affects Versions: Upcoming Branch, Release Branch 17.12, Release Branch 18.12
            Reporter: Jacques Le Roux


A vulnerability has been reported to the OFBiz security team.  To be able to release the 17.12.01
version with this vulnerability fixed we need to temporarily comment out the "stream" request-map
in commonext controller. We will later fix the specific issue to put back the functionnalities
allowed by the "stream" request-map in commonext controller.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Mime
View raw message