Hi Jacques, It seems to me that this commit introduced several changes to the *ofbiz-site* project that may not have been intended.
Could you please confirm that the only changes you intended to make were those in the following two files? - security.html - template/page/security.tpl.php If so, the remaining changes should be reverted (I can take care of the revert). Thanks, Jacopo On Wed, Feb 28, 2024 at 4:53 PM <[email protected]> wrote: > This is an automated email from the ASF dual-hosted git repository. > > jleroux pushed a commit to branch master > in repository https://gitbox.apache.org/repos/asf/ofbiz-site.git > > > The following commit(s) were added to refs/heads/master by this push: > new b4d85b0 [SECURITY] (CVE-2024-23946) Don't need to show files > names in UI messages (OFBIZ-12884) [SECURITY] (CVE-2024-25065) Normalize > contextPath in hasBasePermission (OFBIZ-12887) > b4d85b0 is described below > > commit b4d85b0c6438900e7d2108e48e5acec1925d0857 > Author: Jacques Le Roux <[email protected]> > AuthorDate: Wed Feb 28 16:52:49 2024 +0100 > > [SECURITY] (CVE-2024-23946) Don't need to show files names in UI > messages (OFBIZ-12884) > [SECURITY] (CVE-2024-25065) Normalize contextPath in hasBasePermission > (OFBIZ-12887) > > Updates CVEs information for above > > Updates also texts for CVE-2024-23946, CVE-2024-25065, CVE-2023-51467 > and > CVE-2023-50968. They were referring to the wrong affected releases > > Also removes the "Latest tweets" in footer, soon the rest will follow > --- > .classpath | 6 ++++ > .project | 18 ++++++++++++ > bootstrap/css/.gitignore | 1 + > bootstrap/img/.gitignore | 2 ++ > bootstrap/js/.gitignore | 1 + > desktop.ini | 6 ++++ > font-icons/custom-icons/font/.gitignore | 1 + > images/.gitignore | 32 > ++++++++++++++++++++++ > images/icons/.gitignore | 3 ++ > images/slider/rs/.gitignore | 5 ++++ > images/textures/.gitignore | 2 ++ > js/.gitignore | 3 ++ > .../ajax-contact-extend/assets/img/.gitignore | 3 ++ > .../assets/img/verify/.gitignore | 3 ++ > js/plugins/flexslider/images/.gitignore | 1 + > js/plugins/flexslider/themes/.gitignore | 1 + > js/plugins/isotope/.gitignore | 1 + > js/plugins/jquery-browser-plugin/.gitignore | 1 + > js/plugins/jquery.sharrre-1.3.4/.gitignore | 1 + > .../pretty-photo/images/fullscreen/.gitignore | 3 ++ > .../images/prettyPhoto/dark_rounded/.gitignore | 6 ++++ > .../images/prettyPhoto/dark_square/.gitignore | 6 ++++ > .../images/prettyPhoto/default/.gitignore | 7 +++++ > .../images/prettyPhoto/facebook/.gitignore | 9 ++++++ > .../images/prettyPhoto/light_rounded/.gitignore | 5 ++++ > .../images/prettyPhoto/light_square/.gitignore | 5 ++++ > .../pretty-photo/images/thumbnails/.gitignore | 2 ++ > js/plugins/pretty-photo/js/.gitignore | 3 ++ > js/plugins/respond/.gitignore | 1 + > js/plugins/rs-plugin/assets/.gitignore | 32 > ++++++++++++++++++++++ > js/plugins/rs-plugin/images/.gitignore | 3 ++ > js/plugins/rs-plugin/images/gradient/.gitignore | 2 ++ > js/plugins/rs-plugin/js/.gitignore | 2 ++ > js/plugins/sequence/images/.gitignore | 10 +++++++ > security.html | 11 +++++--- > template/page/security.tpl.php | 6 ++-- > 36 files changed, 198 insertions(+), 6 deletions(-) > > diff --git a/.classpath b/.classpath > new file mode 100644 > index 0000000..f62158f > --- /dev/null > +++ b/.classpath > @@ -0,0 +1,6 @@ > +<?xml version="1.0" encoding="UTF-8"?> > +<classpath> > + <classpathentry kind="src" path=""/> > + <classpathentry kind="con" path="GROOVY_DSL_SUPPORT"/> > + <classpathentry kind="output" path="bin"/> > +</classpath> > diff --git a/.project b/.project > new file mode 100644 > index 0000000..76d68d3 > --- /dev/null > +++ b/.project > @@ -0,0 +1,18 @@ > +<?xml version="1.0" encoding="UTF-8"?> > +<projectDescription> > + <name>Site</name> > + <comment></comment> > + <projects/> > + <natures> > + <nature>org.eclipse.jdt.groovy.core.groovyNature</nature> > + <nature>org.eclipse.jdt.core.javanature</nature> > + </natures> > + <buildSpec> > + <buildCommand> > + <name>org.eclipse.jdt.core.javabuilder</name> > + <arguments/> > + </buildCommand> > + </buildSpec> > + <linkedResources/> > + <filteredResources/> > +</projectDescription> > diff --git a/bootstrap/css/.gitignore b/bootstrap/css/.gitignore > new file mode 100644 > index 0000000..dd29886 > --- /dev/null > +++ b/bootstrap/css/.gitignore > @@ -0,0 +1 @@ > +/bootstrap.min.css > diff --git a/bootstrap/img/.gitignore b/bootstrap/img/.gitignore > new file mode 100644 > index 0000000..f6e92e2 > --- /dev/null > +++ b/bootstrap/img/.gitignore > @@ -0,0 +1,2 @@ > +/glyphicons-halflings-white.png > +/glyphicons-halflings.png > diff --git a/bootstrap/js/.gitignore b/bootstrap/js/.gitignore > new file mode 100644 > index 0000000..3ce2c31 > --- /dev/null > +++ b/bootstrap/js/.gitignore > @@ -0,0 +1 @@ > +/bootstrap.min.js > diff --git a/desktop.ini b/desktop.ini > new file mode 100644 > index 0000000..3317408 > --- /dev/null > +++ b/desktop.ini > @@ -0,0 +1,6 @@ > +[.ShellClassInfo] > +IconResource=C:\Windows\system32\SHELL32.dll,94 > +[ViewState] > +Mode= > +Vid= > +FolderType=Documents > diff --git a/font-icons/custom-icons/font/.gitignore > b/font-icons/custom-icons/font/.gitignore > new file mode 100644 > index 0000000..9c6b073 > --- /dev/null > +++ b/font-icons/custom-icons/font/.gitignore > @@ -0,0 +1 @@ > +/custom-icons.svg > diff --git a/images/.gitignore b/images/.gitignore > new file mode 100644 > index 0000000..18013f8 > --- /dev/null > +++ b/images/.gitignore > @@ -0,0 +1,32 @@ > +/android-icon-144x144.png > +/android-icon-192x192.png > +/android-icon-36x36.png > +/android-icon-48x48.png > +/android-icon-72x72.png > +/android-icon-96x96.png > +/apple-icon-114x114.png > +/apple-icon-120x120.png > +/apple-icon-144x144.png > +/apple-icon-152x152.png > +/apple-icon-180x180.png > +/apple-icon-57x57.png > +/apple-icon-60x60.png > +/apple-icon-72x72.png > +/apple-icon-76x76.png > +/apple-icon-precomposed.png > +/apple-icon.png > +/download.png > +/favicon-16x16.png > +/favicon-32x32.png > +/favicon-96x96.png > +/favicon.ico > +/favicon_old.ico > +/icon-map.png > +/main-logo.png > +/ms-icon-144x144.png > +/ms-icon-150x150.png > +/ms-icon-310x310.png > +/no-slider-pic.png > +/no-slider-pic2.png > +/ofbiz_logo.png > +/rs-arrows.png > diff --git a/images/icons/.gitignore b/images/icons/.gitignore > new file mode 100644 > index 0000000..501fc89 > --- /dev/null > +++ b/images/icons/.gitignore > @@ -0,0 +1,3 @@ > +/ajax-loader.gif > +/main-nav-hoverstate.png > +/main-nav-normalstate.png > diff --git a/images/slider/rs/.gitignore b/images/slider/rs/.gitignore > new file mode 100644 > index 0000000..4a99511 > --- /dev/null > +++ b/images/slider/rs/.gitignore > @@ -0,0 +1,5 @@ > +/CatalogPromotions-SaphirTheme.png > +/InventoryItems-SaphirTheme.png > +/Project-SaphirTheme.png > +/SalesOrder-SaphirTheme.png > +/thumb.png > diff --git a/images/textures/.gitignore b/images/textures/.gitignore > new file mode 100644 > index 0000000..0f30c39 > --- /dev/null > +++ b/images/textures/.gitignore > @@ -0,0 +1,2 @@ > +/bg-texture-video.png > +/texture-psychedelic-pattern-purple.png > diff --git a/js/.gitignore b/js/.gitignore > new file mode 100644 > index 0000000..3530a82 > --- /dev/null > +++ b/js/.gitignore > @@ -0,0 +1,3 @@ > +/jquery-1.12.4.min.js > +/jquery-migrate-1.0.0.min.js > +/modernizr-2.6.1.min.js > diff --git a/js/plugins/ajax-contact-extend/assets/img/.gitignore > b/js/plugins/ajax-contact-extend/assets/img/.gitignore > new file mode 100644 > index 0000000..3e82835 > --- /dev/null > +++ b/js/plugins/ajax-contact-extend/assets/img/.gitignore > @@ -0,0 +1,3 @@ > +/ajax-loader.gif > +/error.gif > +/success.gif > diff --git a/js/plugins/ajax-contact-extend/assets/img/verify/.gitignore > b/js/plugins/ajax-contact-extend/assets/img/verify/.gitignore > new file mode 100644 > index 0000000..deab0e9 > --- /dev/null > +++ b/js/plugins/ajax-contact-extend/assets/img/verify/.gitignore > @@ -0,0 +1,3 @@ > +/1.png > +/2.png > +/3.png > diff --git a/js/plugins/flexslider/images/.gitignore > b/js/plugins/flexslider/images/.gitignore > new file mode 100644 > index 0000000..b8e1052 > --- /dev/null > +++ b/js/plugins/flexslider/images/.gitignore > @@ -0,0 +1 @@ > +/bg_direction_nav.png > diff --git a/js/plugins/flexslider/themes/.gitignore > b/js/plugins/flexslider/themes/.gitignore > new file mode 100644 > index 0000000..f997900 > --- /dev/null > +++ b/js/plugins/flexslider/themes/.gitignore > @@ -0,0 +1 @@ > +/slider-overlay.png > diff --git a/js/plugins/isotope/.gitignore b/js/plugins/isotope/.gitignore > new file mode 100644 > index 0000000..a8293f8 > --- /dev/null > +++ b/js/plugins/isotope/.gitignore > @@ -0,0 +1 @@ > +/jquery.isotope.min.js > diff --git a/js/plugins/jquery-browser-plugin/.gitignore > b/js/plugins/jquery-browser-plugin/.gitignore > new file mode 100644 > index 0000000..b747d22 > --- /dev/null > +++ b/js/plugins/jquery-browser-plugin/.gitignore > @@ -0,0 +1 @@ > +/jquery.browser.min.js > diff --git a/js/plugins/jquery.sharrre-1.3.4/.gitignore > b/js/plugins/jquery.sharrre-1.3.4/.gitignore > new file mode 100644 > index 0000000..e71067d > --- /dev/null > +++ b/js/plugins/jquery.sharrre-1.3.4/.gitignore > @@ -0,0 +1 @@ > +/jquery.sharrre-1.3.4.min.js > diff --git a/js/plugins/pretty-photo/images/fullscreen/.gitignore > b/js/plugins/pretty-photo/images/fullscreen/.gitignore > new file mode 100644 > index 0000000..00f8ff5 > --- /dev/null > +++ b/js/plugins/pretty-photo/images/fullscreen/.gitignore > @@ -0,0 +1,3 @@ > +/high.gif > +/huge.gif > +/wide.gif > diff --git > a/js/plugins/pretty-photo/images/prettyPhoto/dark_rounded/.gitignore > b/js/plugins/pretty-photo/images/prettyPhoto/dark_rounded/.gitignore > new file mode 100644 > index 0000000..446fdb1 > --- /dev/null > +++ b/js/plugins/pretty-photo/images/prettyPhoto/dark_rounded/.gitignore > @@ -0,0 +1,6 @@ > +/btnNext.png > +/btnPrevious.png > +/contentPattern.png > +/default_thumbnail.gif > +/loader.gif > +/sprite.png > diff --git > a/js/plugins/pretty-photo/images/prettyPhoto/dark_square/.gitignore > b/js/plugins/pretty-photo/images/prettyPhoto/dark_square/.gitignore > new file mode 100644 > index 0000000..446fdb1 > --- /dev/null > +++ b/js/plugins/pretty-photo/images/prettyPhoto/dark_square/.gitignore > @@ -0,0 +1,6 @@ > +/btnNext.png > +/btnPrevious.png > +/contentPattern.png > +/default_thumbnail.gif > +/loader.gif > +/sprite.png > diff --git a/js/plugins/pretty-photo/images/prettyPhoto/default/.gitignore > b/js/plugins/pretty-photo/images/prettyPhoto/default/.gitignore > new file mode 100644 > index 0000000..eb72739 > --- /dev/null > +++ b/js/plugins/pretty-photo/images/prettyPhoto/default/.gitignore > @@ -0,0 +1,7 @@ > +/default_thumb.png > +/loader.gif > +/sprite.png > +/sprite_next.png > +/sprite_prev.png > +/sprite_x.png > +/sprite_y.png > diff --git > a/js/plugins/pretty-photo/images/prettyPhoto/facebook/.gitignore > b/js/plugins/pretty-photo/images/prettyPhoto/facebook/.gitignore > new file mode 100644 > index 0000000..06242fa > --- /dev/null > +++ b/js/plugins/pretty-photo/images/prettyPhoto/facebook/.gitignore > @@ -0,0 +1,9 @@ > +/btnNext.png > +/btnPrevious.png > +/contentPatternBottom.png > +/contentPatternLeft.png > +/contentPatternRight.png > +/contentPatternTop.png > +/default_thumbnail.gif > +/loader.gif > +/sprite.png > diff --git > a/js/plugins/pretty-photo/images/prettyPhoto/light_rounded/.gitignore > b/js/plugins/pretty-photo/images/prettyPhoto/light_rounded/.gitignore > new file mode 100644 > index 0000000..16f6013 > --- /dev/null > +++ b/js/plugins/pretty-photo/images/prettyPhoto/light_rounded/.gitignore > @@ -0,0 +1,5 @@ > +/btnNext.png > +/btnPrevious.png > +/default_thumbnail.gif > +/loader.gif > +/sprite.png > diff --git > a/js/plugins/pretty-photo/images/prettyPhoto/light_square/.gitignore > b/js/plugins/pretty-photo/images/prettyPhoto/light_square/.gitignore > new file mode 100644 > index 0000000..16f6013 > --- /dev/null > +++ b/js/plugins/pretty-photo/images/prettyPhoto/light_square/.gitignore > @@ -0,0 +1,5 @@ > +/btnNext.png > +/btnPrevious.png > +/default_thumbnail.gif > +/loader.gif > +/sprite.png > diff --git a/js/plugins/pretty-photo/images/thumbnails/.gitignore > b/js/plugins/pretty-photo/images/thumbnails/.gitignore > new file mode 100644 > index 0000000..0b2d1ee > --- /dev/null > +++ b/js/plugins/pretty-photo/images/thumbnails/.gitignore > @@ -0,0 +1,2 @@ > +/flash-logo.png > +/quicktime-logo.gif > diff --git a/js/plugins/pretty-photo/js/.gitignore > b/js/plugins/pretty-photo/js/.gitignore > new file mode 100644 > index 0000000..b95543e > --- /dev/null > +++ b/js/plugins/pretty-photo/js/.gitignore > @@ -0,0 +1,3 @@ > +/jquery-1.3.2.min.js > +/jquery-1.4.4.min.js > +/jquery-1.6.1.min.js > diff --git a/js/plugins/respond/.gitignore b/js/plugins/respond/.gitignore > new file mode 100644 > index 0000000..a34f253 > --- /dev/null > +++ b/js/plugins/respond/.gitignore > @@ -0,0 +1 @@ > +/respond.min.js > diff --git a/js/plugins/rs-plugin/assets/.gitignore > b/js/plugins/rs-plugin/assets/.gitignore > new file mode 100644 > index 0000000..222ab34 > --- /dev/null > +++ b/js/plugins/rs-plugin/assets/.gitignore > @@ -0,0 +1,32 @@ > +/arrow_large_left.png > +/arrow_large_right.png > +/arrow_left.png > +/arrow_left2.png > +/arrow_right.png > +/arrow_right2.png > +/arrowleft.png > +/arrowright.png > +/black50.png > +/boxed_bgtile.png > +/bullet.png > +/bullet_boxed.png > +/bullets.png > +/bullets2.png > +/coloredbg.png > +/grain.png > +/large_left.png > +/large_right.png > +/loader.gif > +/loader2.gif > +/navigdots.png > +/navigdots_bgtile.png > +/shadow1.png > +/shadow2.png > +/shadow3.png > +/small_left.png > +/small_left_boxed.png > +/small_right.png > +/small_right_boxed.png > +/timer.png > +/timerdot.png > +/white50.png > diff --git a/js/plugins/rs-plugin/images/.gitignore > b/js/plugins/rs-plugin/images/.gitignore > new file mode 100644 > index 0000000..d3de529 > --- /dev/null > +++ b/js/plugins/rs-plugin/images/.gitignore > @@ -0,0 +1,3 @@ > +/decor_inside.png > +/decor_inside_white.png > +/decor_testimonial.png > diff --git a/js/plugins/rs-plugin/images/gradient/.gitignore > b/js/plugins/rs-plugin/images/gradient/.gitignore > new file mode 100644 > index 0000000..2f05638 > --- /dev/null > +++ b/js/plugins/rs-plugin/images/gradient/.gitignore > @@ -0,0 +1,2 @@ > +/g30.png > +/g40.png > diff --git a/js/plugins/rs-plugin/js/.gitignore > b/js/plugins/rs-plugin/js/.gitignore > new file mode 100644 > index 0000000..d83db48 > --- /dev/null > +++ b/js/plugins/rs-plugin/js/.gitignore > @@ -0,0 +1,2 @@ > +/jquery.themepunch.plugins.min.js > +/jquery.themepunch.revolution.min.js > diff --git a/js/plugins/sequence/images/.gitignore > b/js/plugins/sequence/images/.gitignore > new file mode 100644 > index 0000000..0802321 > --- /dev/null > +++ b/js/plugins/sequence/images/.gitignore > @@ -0,0 +1,10 @@ > +/bt-next.png > +/bt-prev.png > +/model1.png > +/model2.png > +/model3.png > +/pause-icon.png > +/sequence-logo.png > +/tn-model1.png > +/tn-model2.png > +/tn-model3.png > diff --git a/security.html b/security.html > index 9392e49..1b372ff 100644 > --- a/security.html > +++ b/security.html > @@ -145,8 +145,10 @@ > > <h3>List of Known Vulnerabilities</h3> > <ul class="iconsList"> > - <li><i class="icon-pin"></i> <a href="// > cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51467" > target="external">CVE-2023-51467</a>; affected release before 18.12.10; > fixed in 18.12.11 with commit <a href=" > https://github.com/apache/ofbiz-framework/commit/d8b097f"; > target="external">d8b097f</a>, <a href=" > https://github.com/apache/ofbiz-framework/commit/1dcfa07180"; > target="external">1dcfa07180</a> </li> > - <li><i class="icon-pin"></i> <a href="// > cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50968" > target="external">CVE-2023-50968</a>; affected release before 18.12.10; > fixed in 18.12.11 with commit <a href=" > https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=82c1737688"; > target="external">82c1737688</a></li> > + <li><i class="icon-pin"></i> <a href="// > cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23946" > target="external">CVE-2024-23946</a>; affected releases before 18.12.12; > fixed in 18.12.12 with commits <a href=" > https://github.com/apache/ofbiz-framework/commit/b1cf4ef3e1"; > target="external">b1cf4ef3e1</a>, <a href=" > https://github.com/apache/ofbiz-framework/commit/93f8a58419"; > target="external">93f8a58419</a>, <a href=" > https://github.com/apache/ofbiz-framework/commit/c910e413ba"; [...] > + <li><i class="icon-pin"></i> <a href="// > cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25065" > target="external">CVE-2024-25065</a>; affected releases before 18.12.12; > fixed in 18.12.12 with commit <a href=" > https://github.com/apache/ofbiz-framework/commit/b91a9b7f26"; > target="external">b91a9b7f26</a></li> > + <li><i class="icon-pin"></i> <a href="// > cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51467" > target="external">CVE-2023-51467</a>; affected releases before 18.12.11; > fixed in 18.12.11 with commits <a href=" > https://github.com/apache/ofbiz-framework/commit/d8b097f"; > target="external">d8b097f</a>, <a href=" > https://github.com/apache/ofbiz-framework/commit/1dcfa07180"; > target="external">1dcfa07180</a> </li> > + <li><i class="icon-pin"></i> <a href="// > cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50968" > target="external">CVE-2023-50968</a>; affected releases before 18.12.11; > fixed in 18.12.11 with commit <a href=" > https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=82c1737688"; > target="external">82c1737688</a></li> > <li><i class="icon-pin"></i> <a href="// > cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49070" > target="external">CVE-2023-49070</a>; affected release 18.12.09; fixed in > 18.12.10 with commit <a href=" > https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=c59336f604"; > target="external">c59336f604</a></li> > <li><i class="icon-pin"></i> <a href="// > cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46819" > target="external">CVE-2023-46819</a>; affected release 18.12.08; fixed in > 18.12.09 with commit <a href=" > https://gitbox.apache.org/repos/asf?p=ofbiz-plugins.git;h=998bf510a"; > target="external">998bf510a</a></li> > <li><i class="icon-pin"></i> <a href="// > cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25371" > target="external">CVE-2022-25371</a>; affected release 18.12.07; fixed in > 18.12.08 with commit <a href=" > https://github.com/apache/ofbiz-plugins/commit/41ff12cf8"; > target="external">41ff12cf8</a></li> > @@ -199,8 +201,8 @@ > <div class="container" id="footer"> > <div class="row"> > <div class="span6 timelineWidget"> > - <h2>Latest tweets</h2> > <!-- > + <h2>Latest tweets</h2> > <div class="divider"><span></span></div> > <ul class="socialNetwork nav"> > <li> > @@ -215,10 +217,11 @@ > <li><a href="#" class="icon-linkedin socialIcon tips" > title="follow us on Linkedin"><span>linkedin</span></a></li> > <li><a href="#" class="icon-pinterest-circled socialIcon tips" > title="follow us on Pinterest"><span>Pinterest</span></a></li> > </ul> > - --> > <div id="twitterFrame"> <a class="twitter-timeline" href="// > twitter.com/ApacheOfbiz?height=250" data-widget-id="588661945194192896" > data-tweet-limit="2" data-theme="dark" data-chrome="nofooter noheader > transparent" >Tweets by @ApacheOfbiz</a> > <script>!function(d,s,id){var > js,fjs=d.getElementsByTagName(s)[0],p=/^http:/.test(d.location)?'http':'https';if(!d.getElementById(id)){js=d.createElement(s); > js.id=id;js.src=p+"://platform.twitter.com/widgets.js > ";fjs.parentNode.insertBefore(js,fjs);}}(document,"script","twitter-wjs");</script> > </div> > + --> > + > </div> > <div class="span3 contactWidget"> > <h2>Contact Community</h2> > diff --git a/template/page/security.tpl.php > b/template/page/security.tpl.php > index cc45756..6e974b4 100644 > --- a/template/page/security.tpl.php > +++ b/template/page/security.tpl.php > @@ -34,8 +34,10 @@ > > <h3>List of Known Vulnerabilities</h3> > <ul class="iconsList"> > - <li><i class="icon-pin"></i> <a href="// > cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51467" > target="external">CVE-2023-51467</a>; affected release before 18.12.10; > fixed in 18.12.11 with commit <a href=" > https://github.com/apache/ofbiz-framework/commit/d8b097f"; > target="external">d8b097f</a>, <a href=" > https://github.com/apache/ofbiz-framework/commit/1dcfa07180"; > target="external">1dcfa07180</a> </li> > - <li><i class="icon-pin"></i> <a href="// > cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50968" > target="external">CVE-2023-50968</a>; affected release before 18.12.10; > fixed in 18.12.11 with commit <a href=" > https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=82c1737688"; > target="external">82c1737688</a></li> > + <li><i class="icon-pin"></i> <a href="// > cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23946" > target="external">CVE-2024-23946</a>; affected releases before 18.12.12; > fixed in 18.12.12 with commits <a href=" > https://github.com/apache/ofbiz-framework/commit/b1cf4ef3e1"; > target="external">b1cf4ef3e1</a>, <a href=" > https://github.com/apache/ofbiz-framework/commit/93f8a58419"; > target="external">93f8a58419</a>, <a href=" > https://github.com/apache/ofbiz-framework/commit/c910e413ba"; [...] > + <li><i class="icon-pin"></i> <a href="// > cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25065" > target="external">CVE-2024-25065</a>; affected releases before 18.12.12; > fixed in 18.12.12 with commit <a href=" > https://github.com/apache/ofbiz-framework/commit/b91a9b7f26"; > target="external">b91a9b7f26</a></li> > + <li><i class="icon-pin"></i> <a href="// > cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51467" > target="external">CVE-2023-51467</a>; affected releases before 18.12.11; > fixed in 18.12.11 with commits <a href=" > https://github.com/apache/ofbiz-framework/commit/d8b097f"; > target="external">d8b097f</a>, <a href=" > https://github.com/apache/ofbiz-framework/commit/1dcfa07180"; > target="external">1dcfa07180</a> </li> > + <li><i class="icon-pin"></i> <a href="// > cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50968" > target="external">CVE-2023-50968</a>; affected releases before 18.12.11; > fixed in 18.12.11 with commit <a href=" > https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=82c1737688"; > target="external">82c1737688</a></li> > <li><i class="icon-pin"></i> <a href="// > cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49070" > target="external">CVE-2023-49070</a>; affected release 18.12.09; fixed in > 18.12.10 with commit <a href=" > https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=c59336f604"; > target="external">c59336f604</a></li> > <li><i class="icon-pin"></i> <a href="// > cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46819" > target="external">CVE-2023-46819</a>; affected release 18.12.08; fixed in > 18.12.09 with commit <a href=" > https://gitbox.apache.org/repos/asf?p=ofbiz-plugins.git;h=998bf510a"; > target="external">998bf510a</a></li> > <li><i class="icon-pin"></i> <a href="// > cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25371" > target="external">CVE-2022-25371</a>; affected release 18.12.07; fixed in > 18.12.08 with commit <a href=" > https://github.com/apache/ofbiz-plugins/commit/41ff12cf8"; > target="external">41ff12cf8</a></li> > >
