You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@ofbiz.apache.org by jl...@apache.org on 2019/09/13 07:21:22 UTC

svn propchange: r1850016 - svn:log

Author: jleroux
Revision: 1850016
Modified property: svn:log

Modified: svn:log at Fri Sep 13 07:21:22 2019
------------------------------------------------------------------------------
--- svn:log (original)
+++ svn:log Fri Sep 13 07:21:22 2019
@@ -5,6 +5,8 @@ r1850015 | jleroux | 2018-12-31 07:38:36
 Improved: Prepare the migration to XStream 1.5
 (OFBIZ-10756)
 
+Fixes CVE-2018-17200
+
 We currently use the UnsupportedClassConverter method in UtilXml class. 
 When the 1.5 version of XStream will be available another way to handle this 
 kind of things will be available and used by default. It's already possible to