You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ofbiz.apache.org by jl...@apache.org on 2019/09/13 07:38:21 UTC
svn propchange: r1853695 - svn:log
Author: jleroux
Revision: 1853695
Modified property: svn:log
Modified: svn:log at Fri Sep 13 07:38:21 2019
------------------------------------------------------------------------------
--- svn:log (original)
+++ svn:log Fri Sep 13 07:38:21 2019
@@ -5,6 +5,8 @@ r1853691 | jleroux | 2019-02-16 10:42:03
Improved: Improve ObjectInputStream class
(OFBIZ-10837)
+Fixes CVE-2019-0189
+
As reported by FindBugs and Sonar, it's troubling (a Bad practice in Sonar[1],
a code smell in Findbugs[2]) when extending to use the same name than the
extended Object
@@ -12,4 +14,3 @@ extended Object
[1] https://sbforge.org/sonar/rules/show/findbugs:NM_SAME_SIMPLE_NAME_AS_SUPERCLASS?layout=false
[2] https://logging.apache.org/log4j/log4j-2.2/log4j-jul/findbugs.html
------------------------------------------------------------------------
-