www-announce mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jacopo Cappellato <jaco...@apache.org>
Subject [ANNOUNCE] Apache OFBiz 10.04.06 released
Date Sat, 20 Jul 2013 15:59:22 GMT
The Apache OFBiz community is pleased to announce the new release "Apache OFBiz 10.04.06".

Apache OFBiz is an open source enterprise automation software project (ERP, CRM, E-Business
/ E-Commerce, MRP, SCM, CMMS/EAM...):

http://ofbiz.apache.org/

"Apache OFBiz 10.04.06" is the last bug fix release for the 10.04 series; all users of "Apache
OFBiz 10.04.*" releases are encouraged to upgrade to this latest release because the new release
contains several bug fixes including fixes for the following security vulnerabilities: 

CVE-2013-2137 - XSS vulnerability in the "View Log" screen of the OFBiz Webtools application
CVE-2013-2250 - Nested expression evaluation allows remote users to execute arbitrary UEL
functions in OFBiz

See also:

http://ofbiz.apache.org/download.html#vulnerabilities

The release file can be downloaded following the instructions in the OFBiz download page :

http://ofbiz.apache.org/download.html

The OFBiz Team.
Mime
View raw message