You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ofbiz.apache.org by "Jacques Le Roux (JIRA)" <ji...@apache.org> on 2016/04/09 10:50:25 UTC
[jira] [Commented] (OFBIZ-6568) Update Groovy to 2.4.5 version
[CVE-2016-2170]
[ https://issues.apache.org/jira/browse/OFBIZ-6568?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15233452#comment-15233452 ]
Jacques Le Roux commented on OFBIZ-6568:
----------------------------------------
Without comment from Jose M Ledesma, I'll suspect the Untitled.workflow.zip attachment to be a dangerous spam. I see no way to remove it though.
> Update Groovy to 2.4.5 version [CVE-2016-2170]
> -----------------------------------------------
>
> Key: OFBIZ-6568
> URL: https://issues.apache.org/jira/browse/OFBIZ-6568
> Project: OFBiz
> Issue Type: Sub-task
> Components: framework
> Affects Versions: Release Branch 12.04, Release Branch 13.07, Release Branch 14.12, Trunk, Release Branch 15.12
> Reporter: Jacques Le Roux
> Assignee: Jacopo Cappellato
> Fix For: 14.12.01, 12.04.06, 13.07.03, 15.12.01
>
> Attachments: Untitled.workflow.zip
>
>
> Since it's a security fix we should also update all supported releases branches. http://groovy-lang.org/security.html
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)