This is an automated email from the ASF dual-hosted git repository.
jleroux pushed a change to branch release22.01
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git.
from ef60c32 Improved: no functional change, adds a BuildBot badge
(INFRA-22807)
new 8c2d759 Fixed: Remote Code Execution (File Upload) Vulnerability
(OFBIZ-11948)
new b2c0a4a Fixed: Possible authenticated attack related to Tomcat
CVE-2020-1938 (OFBIZ-12558)
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
framework/catalina/ofbiz-component.xml | 12 ++++++++++--
framework/security/config/security.properties | 6 +++---
.../main/java/org/apache/ofbiz/security/SecuredUpload.java | 4 +++-
3 files changed, 16 insertions(+), 6 deletions(-)
