This is an automated email from the ASF dual-hosted git repository.
jleroux pushed a change to branch release18.12
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git.
from 77a2c74 Improved: no functional change, adds a BuildBot badge
(INFRA-22807)
new e7955fc Fixed: Remote Code Execution (File Upload) Vulnerability
(OFBIZ-11948)
new 4ab4b15 Fixed: Possible authenticated attack related to Tomcat
CVE-2020-1938 (OFBIZ-12558)
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
framework/catalina/ofbiz-component.xml | 12 ++++++++++--
framework/security/config/security.properties | 6 +++---
.../main/java/org/apache/ofbiz/security/SecuredUpload.java | 4 +++-
3 files changed, 16 insertions(+), 6 deletions(-)
