This is an automated email from the ASF dual-hosted git repository.
jleroux pushed a change to branch trunk
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git.
from 6889ed1 Improved: no functional change, adds a BuildBot badge
(INFRA-22807)
new b0b0203 Fixed: Remote Code Execution (File Upload) Vulnerability
(OFBIZ-11948)
new 5b1843f Fixed: Possible authenticated attack related to Tomcat
CVE-2020-1938 (OFBIZ-12558)
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
framework/catalina/ofbiz-component.xml | 12 ++++++++++--
framework/security/config/security.properties | 6 +++---
.../main/java/org/apache/ofbiz/security/SecuredUpload.java | 4 +++-
3 files changed, 16 insertions(+), 6 deletions(-)
