You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@ofbiz.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2023/02/21 08:11:00 UTC
[jira] [Commented] (OFBIZ-12766) CVE-2023-24998 Apache Commons FileUpload and Tomcat - DoS with excessive parts
[ https://issues.apache.org/jira/browse/OFBIZ-12766?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17691449#comment-17691449 ]
ASF subversion and git services commented on OFBIZ-12766:
---------------------------------------------------------
Commit 42bdd084e681268d8301f9c586c13eea5afd6d9b in ofbiz-framework's branch refs/heads/trunk from Jacques Le Roux
[ https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=42bdd084e6 ]
Fixed: CVE-2023-24998 Apache Commons FileUpload and Tomcat - DoS with excessive parts (OFBIZ-12766)
See
https://commons.apache.org/proper/commons-fileupload/security-reports.html
https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.71
for details
> CVE-2023-24998 Apache Commons FileUpload and Tomcat - DoS with excessive parts
> -------------------------------------------------------------------------------
>
> Key: OFBIZ-12766
> URL: https://issues.apache.org/jira/browse/OFBIZ-12766
> Project: OFBiz
> Issue Type: Task
> Components: framework/security, tomcat
> Affects Versions: 22.01.01
> Reporter: Jacques Le Roux
> Assignee: Jacques Le Roux
> Priority: Major
>
> See
> https://commons.apache.org/proper/commons-fileupload/security-reports.html
> https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.71
--
This message was sent by Atlassian Jira
(v8.20.10#820010)