You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ofbiz.apache.org by jl...@apache.org on 2021/09/01 08:05:52 UTC
[ofbiz-site] branch master updated: Fixes a typo
This is an automated email from the ASF dual-hosted git repository.
jleroux pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ofbiz-site.git
The following commit(s) were added to refs/heads/master by this push:
new 73cda2a Fixes a typo
73cda2a is described below
commit 73cda2a88601b245870b96b74c48a88ce4223e39
Author: Jacques Le Roux <ja...@les7arts.com>
AuthorDate: Wed Sep 1 10:05:40 2021 +0200
Fixes a typo
---
security.html | 2 +-
template/page/security.tpl.php | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/security.html b/security.html
index f5c84d3..4b9dac2 100644
--- a/security.html
+++ b/security.html
@@ -130,7 +130,7 @@
<h2><a id="security"></a>Security Vulnerabilities</h2>
<div class="divider"><span></span></div>
<p> <strong> We strongly encourage OfBiz users to report security problems affecting OFBiz to the private security mailing lists (either security@ofbiz.apache.org or security@apache.org), before disclosing them in a public forum.</strong></p>
- <p>Note that we no longer create CVEs for post-auth attacks done using the credential demo, notably using the admin user. <a href="https://s.apache.org/dsj2p">Rather create bugs reports in our issue tracker (Jira) for that.</a>. The main reason why we no longer create CVEs post-auth attacks done using the credential demo is because <a href="https://ci.apache.org/projects/ofbiz/site/trunk/readme/html5/README.html#security">we highly suggest to OFBiz users to not use credential [...]
+ <p>Note that we no longer create CVEs for post-auth attacks done using the credential demo, notably using the admin user. <a href="https://s.apache.org/dsj2p">Rather create bugs reports in our issue tracker (Jira) for that.</a> The main reason why we no longer create CVEs post-auth attacks done using the credential demo is because <a href="https://ci.apache.org/projects/ofbiz/site/trunk/readme/html5/README.html#security">we highly suggest to OFBiz users to not use credential [...]
<p>Please see the <a href="https://www.apache.org/security" target="external">ASF Security Team webpage</a> for further information about reporting a security vulnerability as well as their contact information. </p>
<p>You might be interested by our <a href="https://cwiki.apache.org/confluence/display/OFBIZ/Keeping+OFBiz+secure" target="external">Keeping OFBiz secure wiki page.</a></p>
diff --git a/template/page/security.tpl.php b/template/page/security.tpl.php
index ccd1568..5fccda2 100644
--- a/template/page/security.tpl.php
+++ b/template/page/security.tpl.php
@@ -19,7 +19,7 @@
<h2><a id="security"></a>Security Vulnerabilities</h2>
<div class="divider"><span></span></div>
<p> <strong> We strongly encourage OfBiz users to report security problems affecting OFBiz to the private security mailing lists (either security@ofbiz.apache.org or security@apache.org), before disclosing them in a public forum.</strong></p>
- <p>Note that we no longer create CVEs for post-auth attacks done using the credential demo, notably using the admin user. <a href="https://s.apache.org/dsj2p">Rather create bugs reports in our issue tracker (Jira) for that.</a>. The main reason why we no longer create CVEs post-auth attacks done using the credential demo is because <a href="https://ci.apache.org/projects/ofbiz/site/trunk/readme/html5/README.html#security">we highly suggest to OFBiz users to not use credential [...]
+ <p>Note that we no longer create CVEs for post-auth attacks done using the credential demo, notably using the admin user. <a href="https://s.apache.org/dsj2p">Rather create bugs reports in our issue tracker (Jira) for that.</a> The main reason why we no longer create CVEs post-auth attacks done using the credential demo is because <a href="https://ci.apache.org/projects/ofbiz/site/trunk/readme/html5/README.html#security">we highly suggest to OFBiz users to not use credential [...]
<p>Please see the <a href="https://www.apache.org/security" target="external">ASF Security Team webpage</a> for further information about reporting a security vulnerability as well as their contact information. </p>
<p>You might be interested by our <a href="https://cwiki.apache.org/confluence/display/OFBIZ/Keeping+OFBiz+secure" target="external">Keeping OFBiz secure wiki page.</a></p>