[ANNOUNCE] Apache OFBiz 12.04.02 released

[Jacopo Cappellato <ja...@apache.org>]

The Apache OFBiz community is pleased to announce the new release "Apache OFBiz 12.04.02".

Apache OFBiz is an open source enterprise automation software project (ERP, CRM, E-Business / E-Commerce, MRP, SCM, CMMS/EAM...):

http://ofbiz.apache.org/

"Apache OFBiz 12.04.02" is a bug fix release for the 12.04 series; all users of "Apache OFBiz 12.04.01" release are encouraged to upgrade to this latest release because the new release contains several bug fixes including fixes for the following security vulnerabilities: 

CVE-2013-2137 - XSS vulnerability in the "View Log" screen of the OFBiz Webtools application
CVE-2013-2250 - Nested expression evaluation allows remote users to execute arbitrary UEL functions in OFBiz

See also:

http://ofbiz.apache.org/download.html#vulnerabilities

The release file can be downloaded following the instructions in the OFBiz download page :

http://ofbiz.apache.org/download.html

The OFBiz Team.

RE: [ANNOUNCE] Apache OFBiz 12.04.02 released

[SirDouglas Cook <si...@hotmail.com>]

Please make the emails to sirdouglascook@hotmail.com stop...

and remove my email addresses from 

*gregory.draperi@gmail.com
*security@apache.org
*dev@ofbiz.apache.org
*user@ofbiz.apache.org
*announce@apache.org
*full-disclosure@lists.grok.org.uk
*bugtraq@securityfocus.com

This has been over a month, I am fed up.. I have asked everyone .. everywhere..
I shouldn't have to contact ISP's and Spam forums to shut you down... nor should anyone else.
But for &*^& sakes... remove me from your data bases NOW.

Thank you,

Doug

Confidentiality Warning: This message and any attachments are intended only for the use of the intended recipient(s), are confidential and may be privileged. If you are not the intended recipient, you are hereby notified that any review, retransmission, conversion to hard copy, copying, circulation or other use of this message and any attachments is strictly prohibited. If you are not the intended recipient, please notify the sender immediately by return email and delete this message and any attachments from your system. Thank you.

Avertissement concernant la confidentialité : Ce message et toutes les pièces jointes s'y rattachant sont destinés uniquement et aux fins du destinataire(s) prévu(s), sont confidentiels et peuvent être protégés par le privilège. Si vous n'êtes pas le destinataire prévu, nous vous avisons, par la présente, que toute revue, retransmission, conversion en sortie papier, copie ainsi que toute circulation ou utilisation autre que celle envisagée pour ce message et pour toutes ses pièces jointes sont strictement interdites. Si vous n'êtes pas le destinataire prévu, veuillez immédiatement en aviser l'expéditeur par retour de courrier électronique et supprimez ce message ainsi que toutes les pièces jointes de votre système. Merci. 


> From: jacopoc@apache.org
> Subject: [ANNOUNCE] Apache OFBiz 12.04.02 released
> Date: Sat, 20 Jul 2013 18:01:00 +0200
> To: announce@apache.org; dev@ofbiz.apache.org; user@ofbiz.apache.org; security@apache.org
> 
> The Apache OFBiz community is pleased to announce the new release "Apache OFBiz 12.04.02".
> 
> Apache OFBiz is an open source enterprise automation software project (ERP, CRM, E-Business / E-Commerce, MRP, SCM, CMMS/EAM...):
> 
> http://ofbiz.apache.org/
> 
> "Apache OFBiz 12.04.02" is a bug fix release for the 12.04 series; all users of "Apache OFBiz 12.04.01" release are encouraged to upgrade to this latest release because the new release contains several bug fixes including fixes for the following security vulnerabilities: 
> 
> CVE-2013-2137 - XSS vulnerability in the "View Log" screen of the OFBiz Webtools application
> CVE-2013-2250 - Nested expression evaluation allows remote users to execute arbitrary UEL functions in OFBiz
> 
> See also:
> 
> http://ofbiz.apache.org/download.html#vulnerabilities
> 
> The release file can be downloaded following the instructions in the OFBiz download page :
> 
> http://ofbiz.apache.org/download.html
> 
> The OFBiz Team.