This is an automated email from the ASF dual-hosted git repository.
jleroux pushed a change to branch release22.01
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git
from 58ec8cd302 Fixed: [SECURITY] CVE-2023-28708 Apache Tomcat -
Information Disclosure (OFBIZ-12782)
new 6477a8929e Fixed: Disallow string concatenation in uploaded files
(OFBIZ-12794)
new f65b24aed0 Fixed: Disallow string concatenation in uploaded files
(OFBIZ-12794)
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
framework/security/config/security.properties | 2 ++
.../src/main/java/org/apache/ofbiz/security/SecuredUpload.java | 8 ++++++++
2 files changed, 10 insertions(+)
