You are viewing a plain text version of this content. The canonical link for it is here.

---

- [ofbiz-plugins] branch release18.12 updated: Fixed: placeholder text has been implemented but seems to do nothing (OFBIZ-12548) - posted by jl...@apache.org on 2022/02/01 07:51:07 UTC, 0 replies.
- [ofbiz-plugins] branch release22.01 updated: Fixed: placeholder text has been implemented but seems to do nothing (OFBIZ-12548) - posted by jl...@apache.org on 2022/02/01 07:51:08 UTC, 0 replies.
- [ofbiz-plugins] branch trunk updated: Fixed: placeholder text has been implemented but seems to do nothing (OFBIZ-12548) - posted by jl...@apache.org on 2022/02/01 07:51:09 UTC, 0 replies.
- [ofbiz-framework] branch release18.12 updated: Fixed: Manufacturing Jobshop find screen by default does not show all production runs (OFBIZ-12550) - posted by jl...@apache.org on 2022/02/01 07:59:52 UTC, 0 replies.
- [ofbiz-framework] branch release22.01 updated: Fixed: Manufacturing Jobshop find screen by default does not show all production runs (OFBIZ-12550) - posted by jl...@apache.org on 2022/02/01 07:59:53 UTC, 0 replies.
- [ofbiz-framework] branch trunk updated: Fixed: Manufacturing Jobshop find screen by default does not show all production runs (OFBIZ-12550) - posted by jl...@apache.org on 2022/02/01 07:59:54 UTC, 0 replies.
- [ofbiz-framework] branch release18.12 updated: Fixed: View for ViewBinaryDataResource missing (OFBIZ-12552) - posted by jl...@apache.org on 2022/02/01 12:26:03 UTC, 0 replies.
- [ofbiz-framework] branch release22.01 updated: Fixed: View for ViewBinaryDataResource missing (OFBIZ-12552) - posted by jl...@apache.org on 2022/02/01 12:26:04 UTC, 0 replies.
- [ofbiz-framework] branch trunk updated: Fixed: View for ViewBinaryDataResource missing (OFBIZ-12552) - posted by jl...@apache.org on 2022/02/01 12:26:05 UTC, 0 replies.
- [ofbiz-framework] branch release22.01 updated: Fixed: Attribute default-field-type hidden doesn't work for auto-fields-service element (OFBIZ-12555) - posted by nm...@apache.org on 2022/02/02 17:16:50 UTC, 1 replies.
- [ofbiz-framework] branch trunk updated: Fixed: Attribute default-field-type hidden doesn't work for auto-fields-service element (OFBIZ-12555) - posted by nm...@apache.org on 2022/02/02 17:18:04 UTC, 0 replies.
- [ofbiz-framework] branch trunk updated: Improved: no functional change, adds a BuildBot badge (INFRA-22807) - posted by jl...@apache.org on 2022/02/03 08:54:00 UTC, 1 replies.
- [ofbiz-framework] branch trunk updated (884864b -> be56019) - posted by jl...@apache.org on 2022/02/03 10:07:10 UTC, 0 replies.
- [ofbiz-framework] 01/02: Improved: no functional change, adds a BuildBot badge (INFRA-22807) - posted by jl...@apache.org on 2022/02/03 10:07:11 UTC, 0 replies.
- [ofbiz-framework] 02/02: Improved: no functional change, adds a BuildBot badge (INFRA-22807) - posted by jl...@apache.org on 2022/02/03 10:07:12 UTC, 0 replies.
- [ofbiz-framework] branch trunk updated (884864b -> c6e44d1) - posted by nm...@apache.org on 2022/02/03 10:07:47 UTC, 0 replies.
- [ofbiz-framework] 01/02: Reverted: Improved: no functional change, adds a BuildBot badge (INFRA-22807) - posted by nm...@apache.org on 2022/02/03 10:07:48 UTC, 0 replies.
- [ofbiz-framework] 02/02: Fixed: Attribute default-field-type hidden doesn't work for auto-fields-service element (OFBIZ-12555) - posted by nm...@apache.org on 2022/02/03 10:07:49 UTC, 0 replies.
- [ofbiz-framework] branch release18.12 updated: Fixed: Attribute default-field-type hidden doesn't work for auto-fields-service element (OFBIZ-12555) - posted by nm...@apache.org on 2022/02/03 10:26:42 UTC, 0 replies.
- [ofbiz-framework] branch release22.01 updated: Improved: no functional change, adds a BuildBot badge (INFRA-22807) - posted by jl...@apache.org on 2022/02/03 10:37:15 UTC, 0 replies.
- [ofbiz-framework] branch release18.12 updated: Improved: no functional change, adds a BuildBot badge (INFRA-22807) - posted by jl...@apache.org on 2022/02/03 10:41:04 UTC, 0 replies.
- [ofbiz-framework] branch release18.12 updated (77a2c74 -> 4ab4b15) - posted by jl...@apache.org on 2022/02/04 11:31:49 UTC, 0 replies.
- [ofbiz-framework] 01/02: Fixed: Remote Code Execution (File Upload) Vulnerability (OFBIZ-11948) - posted by jl...@apache.org on 2022/02/04 11:31:50 UTC, 2 replies.
- [ofbiz-framework] 02/02: Fixed: Possible authenticated attack related to Tomcat CVE-2020-1938 (OFBIZ-12558) - posted by jl...@apache.org on 2022/02/04 11:31:51 UTC, 2 replies.
- [ofbiz-framework] branch release22.01 updated (ef60c32 -> b2c0a4a) - posted by jl...@apache.org on 2022/02/04 11:31:52 UTC, 0 replies.
- [ofbiz-framework] branch trunk updated (6889ed1 -> 5b1843f) - posted by jl...@apache.org on 2022/02/04 11:31:55 UTC, 0 replies.
- [ofbiz-framework] branch release18.12 updated: Improved: Remote Code Execution (File Upload) Vulnerability (OFBIZ-11948) - posted by jl...@apache.org on 2022/02/04 13:52:07 UTC, 0 replies.
- [ofbiz-framework] branch release22.01 updated: Fixed: Remote Code Execution (File Upload) Vulnerability (OFBIZ-11948) - posted by jl...@apache.org on 2022/02/04 14:04:56 UTC, 1 replies.
- [ofbiz-framework] branch trunk updated: Fixed: Remote Code Execution (File Upload) Vulnerability (OFBIZ-11948) - posted by jl...@apache.org on 2022/02/04 14:04:57 UTC, 1 replies.
- [ofbiz-framework] branch release18.12 updated: Fixed: Remote Code Execution (File Upload) Vulnerability (OFBIZ-11948) - posted by jl...@apache.org on 2022/02/05 09:21:15 UTC, 0 replies.
- [ofbiz-framework] branch trunk updated (30770e1 -> 8c5100d) - posted by mb...@apache.org on 2022/02/07 13:15:52 UTC, 0 replies.
- [ofbiz-framework] branch release18.12 updated (047849f -> 0a25c93) - posted by jl...@apache.org on 2022/02/10 13:18:10 UTC, 0 replies.
- [ofbiz-framework] 01/04: Documented: Possible authenticated attack related to Tomcat CVE-2020-1938 (OFBIZ-12558) - posted by jl...@apache.org on 2022/02/10 13:18:11 UTC, 2 replies.
- [ofbiz-framework] 02/04: Improved: no functional trivial cleaning changes - posted by jl...@apache.org on 2022/02/10 13:18:12 UTC, 2 replies.
- [ofbiz-framework] 03/04: Improved: Possible authenticated attack related to Tomcat CVE-2020-1938 (OFBIZ-12558) - posted by jl...@apache.org on 2022/02/10 13:18:13 UTC, 2 replies.
- [ofbiz-framework] 04/04: Fixed: Remote Code Execution (File Upload) Vulnerability (OFBIZ-11948) - posted by jl...@apache.org on 2022/02/10 13:18:14 UTC, 2 replies.
- [ofbiz-framework] branch release22.01 updated (b447f4d -> 8691b1a) - posted by jl...@apache.org on 2022/02/10 13:18:15 UTC, 0 replies.
- [ofbiz-framework] branch trunk updated (8c5100d -> f2cf262) - posted by jl...@apache.org on 2022/02/10 13:18:20 UTC, 0 replies.
- [ofbiz-site] branch master updated: Upgrades the security page - posted by jl...@apache.org on 2022/02/10 16:30:47 UTC, 0 replies.
- [ofbiz-site] branch master updated: Update the security page, better formatting - posted by jl...@apache.org on 2022/02/10 16:40:06 UTC, 0 replies.
- [ofbiz-framework] branch release18.12 updated: Fixed: no functional change, increase checkstyle maxErrors from 38515 to 38525 - posted by jl...@apache.org on 2022/02/10 17:14:42 UTC, 0 replies.
- [ofbiz-framework] branch release22.01 updated: Improved: no functional changes, removes trailing spaces just to pass checkstyle - posted by jl...@apache.org on 2022/02/10 17:28:04 UTC, 0 replies.
- [ofbiz-framework] branch trunk updated (f2cf262 -> 97b3627) - posted by jl...@apache.org on 2022/02/10 17:28:05 UTC, 0 replies.
- [ofbiz-framework] 01/02: Improved: Possible authenticated attack related to Tomcat CVE-2020-1938 (OFBIZ-12558) - posted by jl...@apache.org on 2022/02/10 17:28:06 UTC, 0 replies.
- [ofbiz-framework] 02/02: Improved: no functional changes, removes trailing spaces just to pass checkstyle - posted by jl...@apache.org on 2022/02/10 17:28:07 UTC, 0 replies.
- [ofbiz-framework] branch release18.12 updated: Fixed: Groovy denied list bypass causes post-auth RCE from webtools/control/ProgramExport (OFBIZ-12571) - posted by jl...@apache.org on 2022/02/11 10:03:17 UTC, 0 replies.
- [ofbiz-framework] branch release22.01 updated: Fixed: Groovy denied list bypass causes post-auth RCE from webtools/control/ProgramExport (OFBIZ-12571) - posted by jl...@apache.org on 2022/02/11 10:03:18 UTC, 0 replies.
- [ofbiz-framework] branch trunk updated: Fixed: Groovy denied list bypass causes post-auth RCE from webtools/control/ProgramExport (OFBIZ-12571) - posted by jl...@apache.org on 2022/02/11 10:03:19 UTC, 0 replies.
- [ofbiz-framework] branch trunk updated: Fixed: Quote "Create New Quote Term" Button URL issues (OFBIZ-12551) - posted by jl...@apache.org on 2022/02/11 11:06:55 UTC, 0 replies.
- [ofbiz-framework] branch trunk updated: Documented: Continue the common-theme upload (OFBIZ-9138 Create a common theme) - posted by jl...@apache.org on 2022/02/11 18:43:31 UTC, 0 replies.
- [ofbiz-framework] branch release18.12 updated: Fixed: CLONE - [SECURITY] Upgrade Tika to 1.28.1 (OFBIZ-12573) - posted by jl...@apache.org on 2022/02/12 10:48:27 UTC, 0 replies.
- [ofbiz-framework] branch release22.01 updated: Fixed: CLONE - [SECURITY] Upgrade Tika to 1.28.1 (OFBIZ-12573) - posted by jl...@apache.org on 2022/02/12 10:48:28 UTC, 0 replies.
- [ofbiz-framework] branch trunk updated (b52091d -> 0f804b8) - posted by jl...@apache.org on 2022/02/12 10:48:29 UTC, 0 replies.
- [ofbiz-framework] 01/03: Fixed: CLONE - [SECURITY] Upgrade Tika to 1.28.1 (OFBIZ-12573) - posted by jl...@apache.org on 2022/02/12 10:48:30 UTC, 0 replies.
- [ofbiz-framework] 02/03: Improved: EditTrackingCode screen - duplicate action trigger (OFBIZ-12569) - posted by jl...@apache.org on 2022/02/12 10:48:31 UTC, 0 replies.
- [ofbiz-framework] 03/03: Improved: Quote "Create New Quote Term" Button URL issues (OFBIZ-12551) - posted by jl...@apache.org on 2022/02/12 10:48:32 UTC, 0 replies.
- [ofbiz-framework] branch trunk updated: Improved: no functional format change - posted by jl...@apache.org on 2022/02/12 10:50:22 UTC, 0 replies.
- [ofbiz-tools] branch master updated: Improved: Change common webapp to common-theme (OFBIZ-12576) - posted by jl...@apache.org on 2022/02/14 12:03:59 UTC, 1 replies.
- [ofbiz-framework] branch trunk updated: Improved: Change common webapp to common-theme (OFBIZ-12576) - posted by jl...@apache.org on 2022/02/14 12:04:15 UTC, 0 replies.
- [ofbiz-framework] branch trunk updated (88b5c40 -> 2e0a6e4) - posted by jl...@apache.org on 2022/02/14 12:41:48 UTC, 0 replies.
- [ofbiz-framework] 01/02: Improved: Create a deny list to reject webshell tokens (OFBIZ-12324) - posted by jl...@apache.org on 2022/02/14 12:41:49 UTC, 0 replies.
- [ofbiz-framework] 02/02: Improved: Create a deny list to reject webshell tokens (OFBIZ-12324) - posted by jl...@apache.org on 2022/02/14 12:41:50 UTC, 0 replies.
- [ofbiz-framework] branch release18.12 updated: Improved: Create a deny list to reject webshell tokens (OFBIZ-12324) - posted by jl...@apache.org on 2022/02/14 13:31:25 UTC, 2 replies.
- [ofbiz-framework] branch release22.01 updated: Improved: Create a deny list to reject webshell tokens (OFBIZ-12324) - posted by jl...@apache.org on 2022/02/14 13:31:26 UTC, 2 replies.
- [ofbiz-framework] branch trunk updated: Improved: Create a deny list to reject webshell tokens (OFBIZ-12324) - posted by jl...@apache.org on 2022/02/15 07:05:13 UTC, 1 replies.
- [ofbiz-framework] branch trunk updated: Improved: no functional change, adds a logerror in ProgramExport.groovy - posted by jl...@apache.org on 2022/02/15 13:11:51 UTC, 0 replies.
- [ofbiz-framework] branch release18.12 updated: Improved: Error in uploading very large files, ie >2GB (OFBIZ-11534) - posted by jl...@apache.org on 2022/02/16 16:30:57 UTC, 0 replies.
- [ofbiz-framework] branch release22.01 updated: Improved: Error in uploading very large files, ie >2GB (OFBIZ-11534) - posted by jl...@apache.org on 2022/02/16 16:30:58 UTC, 0 replies.
- [ofbiz-framework] branch trunk updated: Improved: Error in uploading very large files, ie >2GB (OFBIZ-11534) - posted by jl...@apache.org on 2022/02/16 16:30:59 UTC, 0 replies.
- [ofbiz-framework] branch release18.12 updated: Fixed: Secure the uploads (OFBIZ-12080) - posted by jl...@apache.org on 2022/02/17 18:03:39 UTC, 6 replies.
- [ofbiz-framework] branch release22.01 updated (124eb38 -> 70c799d) - posted by jl...@apache.org on 2022/02/17 18:03:40 UTC, 0 replies.
- [ofbiz-framework] 01/02: Fixed: Secure the uploads (OFBIZ-12080) - posted by jl...@apache.org on 2022/02/17 18:03:41 UTC, 1 replies.
- [ofbiz-framework] 02/02: Fixed: Secure the uploads (OFBIZ-12080) - posted by jl...@apache.org on 2022/02/17 18:03:42 UTC, 2 replies.
- [ofbiz-framework] branch trunk updated: Fixed: Secure the uploads (OFBIZ-12080) - posted by jl...@apache.org on 2022/02/17 18:03:43 UTC, 8 replies.
- [ofbiz-framework] branch release22.01 updated: Fixed: Secure the uploads (OFBIZ-12080) - posted by jl...@apache.org on 2022/02/18 14:34:58 UTC, 6 replies.
- [ofbiz-framework] branch release18.12 updated: Fixed: no functional change, increase checkstyle maxErrors from 38525 to 50000 - posted by jl...@apache.org on 2022/02/19 09:03:34 UTC, 0 replies.
- [ofbiz-framework] branch release18.12 updated: Improved: Secure the uploads (OFBIZ-12080) - posted by jl...@apache.org on 2022/02/19 11:10:21 UTC, 0 replies.
- [ofbiz-framework] branch release22.01 updated (b476d67 -> 3b29cd3) - posted by jl...@apache.org on 2022/02/19 11:10:22 UTC, 0 replies.
- [ofbiz-framework] 02/02: Improved: Secure the uploads (OFBIZ-12080) - posted by jl...@apache.org on 2022/02/19 11:10:24 UTC, 0 replies.
- [ofbiz-framework] branch trunk updated (3f69a54 -> b7f1d28) - posted by jl...@apache.org on 2022/02/19 11:10:25 UTC, 0 replies.
- [ofbiz-framework] 01/04: Fixed: Secure the uploads (OFBIZ-12080) - posted by jl...@apache.org on 2022/02/19 11:10:26 UTC, 0 replies.
- [ofbiz-framework] 02/04: Improved: Secure the uploads (OFBIZ-12080) - posted by jl...@apache.org on 2022/02/19 11:10:27 UTC, 0 replies.
- [ofbiz-framework] 03/04: Improved: Secure the uploads (OFBIZ-12080) - posted by jl...@apache.org on 2022/02/19 11:10:28 UTC, 0 replies.
- [ofbiz-framework] 04/04: Improved: Secure the uploads (OFBIZ-12080) - posted by jl...@apache.org on 2022/02/19 11:10:29 UTC, 0 replies.
- [ofbiz-site] branch master updated (5e18318 -> 73b9e9e) - posted by jl...@apache.org on 2022/02/19 18:26:29 UTC, 0 replies.
- [ofbiz-site] 01/02: Put the message about security disclosing also in download page - posted by jl...@apache.org on 2022/02/19 18:26:30 UTC, 0 replies.
- [ofbiz-site] 02/02: Adds a mention about sending vulerabilities reports one by one and not packed - posted by jl...@apache.org on 2022/02/19 18:26:31 UTC, 0 replies.
- [ofbiz-framework] branch release22.01 updated (3b29cd3 -> 4d70280) - posted by jl...@apache.org on 2022/02/20 14:45:31 UTC, 0 replies.
- [ofbiz-framework] 01/02: Improved: no functional change, just removes a line - posted by jl...@apache.org on 2022/02/20 14:45:32 UTC, 0 replies.
- [ofbiz-site] branch master updated: Adds a mention for security reporters to not create Jira issues for pre-auth (aka unauth) reports - posted by jl...@apache.org on 2022/02/21 13:51:37 UTC, 0 replies.
- [ofbiz-framework] branch trunk updated: Improved: Remove Whitespaces before checkboxes (OFBIZ-10461) - posted by mb...@apache.org on 2022/02/22 17:59:14 UTC, 0 replies.
- [ofbiz-framework] branch release18.12 updated: Fixed: Induction from DB does not represent relations properly. (OFBIZ-12178) - posted by mb...@apache.org on 2022/02/22 21:54:23 UTC, 0 replies.
- [ofbiz-plugins] branch trunk updated: Fixed: Setting VIEW_INDEX to 0 in ForumScreens.xml when not initialized (OFBIZ-11429) - posted by mb...@apache.org on 2022/02/22 21:57:25 UTC, 0 replies.
- [ofbiz-plugins] branch release18.12 updated: Fixed: Setting VIEW_INDEX to 0 in ForumScreens.xml when not initialized (OFBIZ-11429) - posted by mb...@apache.org on 2022/02/22 22:03:24 UTC, 0 replies.
- [ofbiz-plugins] branch release22.01 updated: Fixed: Setting VIEW_INDEX to 0 in ForumScreens.xml when not initialized (OFBIZ-11429) - posted by mb...@apache.org on 2022/02/22 22:19:35 UTC, 0 replies.
- [ofbiz-site] branch master updated: Improved: Updates source repository information (OFBIZ-12581) - posted by mb...@apache.org on 2022/02/22 22:40:52 UTC, 0 replies.
- [ofbiz-plugins] branch trunk updated: Improved: Update to Swagger UI 4.2.1 (OFBIZ-12519) - posted by mb...@apache.org on 2022/02/22 22:43:58 UTC, 0 replies.
- [ofbiz-plugins] branch trunk updated: Improved: Update Redoc to v2.0.0-rc.59 (OFBIZ-12520) - posted by mb...@apache.org on 2022/02/22 22:45:01 UTC, 0 replies.
- [ofbiz-framework] branch release22.01 updated (6e54f7d -> 16c8afe) - posted by jl...@apache.org on 2022/02/23 10:59:16 UTC, 0 replies.
- [ofbiz-framework] 01/03: Fixed: Trivial change in ProgramExport.groovy, uses the SecuredUpload import - posted by jl...@apache.org on 2022/02/23 10:59:17 UTC, 2 replies.
- [ofbiz-framework] 02/03: Fixed: Secure the uploads (OFBIZ-12080) - posted by jl...@apache.org on 2022/02/23 10:59:18 UTC, 2 replies.
- [ofbiz-framework] 03/03: Fixed: Prevent post-Auth vulnerability: FreeMarker Bypass (OFBIZ-12582) - posted by jl...@apache.org on 2022/02/23 10:59:19 UTC, 2 replies.
- [ofbiz-framework] branch trunk updated (f3a9f05 -> 53dc91a) - posted by jl...@apache.org on 2022/02/23 11:00:31 UTC, 0 replies.
- [ofbiz-framework] branch release18.12 updated (1ed929c -> f65410b) - posted by jl...@apache.org on 2022/02/23 11:02:01 UTC, 0 replies.
- [ofbiz-plugins] branch trunk updated: Improved: no functional change, removes commented out request-maps since 2009 - posted by jl...@apache.org on 2022/02/24 08:28:31 UTC, 0 replies.
- [ofbiz-framework] branch release18.12 updated (6da27fd -> 247b871) - posted by jl...@apache.org on 2022/02/27 12:40:51 UTC, 0 replies.
- [ofbiz-framework] 01/02: Improved: Reflected XSS in content component (OFBIZ-11840) - posted by jl...@apache.org on 2022/02/27 12:40:52 UTC, 1 replies.
- [ofbiz-framework] 02/02: Fixed: Stored XSS in webappPath parameter from content/control/EditWebSite (OFBIZ-12584) - posted by jl...@apache.org on 2022/02/27 12:40:53 UTC, 1 replies.
- [ofbiz-framework] branch release22.01 updated (2ad16f3 -> 5f92549) - posted by jl...@apache.org on 2022/02/27 12:40:54 UTC, 0 replies.
- [ofbiz-framework] 01/02: Fixed: Stored XSS in webappPath parameter from content/control/EditWebSite (OFBIZ-12584) - posted by jl...@apache.org on 2022/02/27 12:40:55 UTC, 1 replies.
- [ofbiz-framework] 02/02: Improved: Reflected XSS in content component (OFBIZ-11840) - posted by jl...@apache.org on 2022/02/27 12:40:56 UTC, 0 replies.
- [ofbiz-framework] branch trunk updated (72405ab -> 2752e4e) - posted by jl...@apache.org on 2022/02/27 12:40:57 UTC, 0 replies.
- [ofbiz-framework] branch release18.12 updated: Fixed: Stored XSS in webappPath parameter from content/control/EditWebSite (OFBIZ-12584) - posted by jl...@apache.org on 2022/02/27 17:28:34 UTC, 0 replies.
- [ofbiz-framework] branch release22.01 updated: Fixed: Stored XSS in webappPath parameter from content/control/EditWebSite (OFBIZ-12584) - posted by jl...@apache.org on 2022/02/27 17:28:35 UTC, 0 replies.
- [ofbiz-framework] branch trunk updated: Fixed: Stored XSS in webappPath parameter from content/control/EditWebSite (OFBIZ-12584) - posted by jl...@apache.org on 2022/02/27 17:28:36 UTC, 0 replies.
- [ofbiz-framework] branch release18.12 updated (06006f1 -> d89e8e2) - posted by jl...@apache.org on 2022/02/27 21:09:45 UTC, 0 replies.
- [ofbiz-plugins] branch trunk updated: Improved: no functional change simple formatting - posted by jl...@apache.org on 2022/02/28 17:27:36 UTC, 0 replies.
- [ofbiz-framework] branch trunk updated: Improved: no functional change, simple formatting - posted by jl...@apache.org on 2022/02/28 17:33:46 UTC, 0 replies.