[ofbiz-framework] branch trunk updated: Fixed: Upgrade Tomcat from 9.0.54 to 9.0.58 (OFBIZ-12539)

Wed, 26 Jan 2022 03:34:47 -0800 

This is an automated email from the ASF dual-hosted git repository.

jleroux pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git


The following commit(s) were added to refs/heads/trunk by this push:
     new 6ed30b7  Fixed: Upgrade Tomcat from 9.0.54 to 9.0.58 (OFBIZ-12539)
6ed30b7 is described below

commit 6ed30b76652e24162bcbc6efe4ca912ba0e31bc2
Author: Jacques Le Roux <jacques.le.r...@les7arts.com>
AuthorDate: Wed Jan 26 12:31:50 2022 +0100

    Fixed: Upgrade Tomcat from 9.0.54 to 9.0.58 (OFBIZ-12539)
    
    The fix for bug CVE-2020-9484 introduced a time of check, time of use
    vulnerability that allowed a local attacker to perform actions with the
    privileges of the user that the Tomcat process is using. This issue is only
    exploitable when Tomcat is configured to persist sessions using the 
FileStore.
---
 themes/common-theme/webapp/common/js/package.json | 33 ++++++++++++-----------
 1 file changed, 18 insertions(+), 15 deletions(-)

diff --git a/themes/common-theme/webapp/common/js/package.json 
b/themes/common-theme/webapp/common/js/package.json
index 036a227..429ade6 100644
--- a/themes/common-theme/webapp/common/js/package.json
+++ b/themes/common-theme/webapp/common/js/package.json
@@ -1,17 +1,20 @@
 {
-  "name": "ofbiz-framework",
-  "description": "ofbiz-framework NPM dependencies configuration",
-  "repository": "https://github.com/apache/ofbiz-framework.git";,
-  "license": "Apache-2.0",
-  "dependencies": {
-    "jquery": "^3.6.0",
-    "jquery-migrate": "^3.3.2",
-    "jquery-validation": "^1.19.3",
-    "jquery.browser": "^0.1.0",
-    "dompurify": "^2.3.4",
-    "jquery-ui-dist": "^1.13.0",
-    "trumbowyg": "^2.25.1",
-    "flot": "^4.2.2",
-    "@chinchilla-software/jquery-ui-timepicker-addon": "^1.6.3"
-  }
+    "name": "ofbiz-framework",
+    "description": "ofbiz-framework NPM dependencies configuration",
+    "repository": "https://github.com/apache/ofbiz-framework.git";,
+    "license": "Apache-2.0",
+    "dependencies": {
+        "jquery": "^3.6.0",
+        "jquery-migrate": "^3.3.2",
+        "jquery-validation": "^1.19.3",
+        "jquery.browser": "^0.1.0",
+        "dompurify": "^2.3.4",
+        "jquery-ui-dist": "^1.13.0",
+        "trumbowyg": "^2.25.1",
+        "flot": "^4.2.2",
+        "@chinchilla-software/jquery-ui-timepicker-addon": "^1.6.3"
+    },
+    "scripts": {
+        "lint": "jshint **.js --reporter checkstyle > checkstyle.xml"
+    }
 }

Reply via email to