This is an automated email from the ASF dual-hosted git repository.
jleroux pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ofbiz-site.git
The following commit(s) were added to refs/heads/master by this push:
new b4d85b0 [SECURITY] (CVE-2024-23946) Don't need to show files
names in UI messages (OFBIZ-12884) [SECURITY] (CVE-2024-25065) Normalize
contextPath in hasBasePermission (OFBIZ-12887)
b4d85b0 is described below
commit b4d85b0c6438900e7d2108e48e5acec1925d0857
Author: Jacques Le Roux <[email protected]>
AuthorDate: Wed Feb 28 16:52:49 2024 +0100
[SECURITY] (CVE-2024-23946) Don't need to show files names in UI
messages (OFBIZ-12884)
[SECURITY] (CVE-2024-25065) Normalize contextPath in hasBasePermission
(OFBIZ-12887)
Updates CVEs information for above
Updates also texts for CVE-2024-23946, CVE-2024-25065, CVE-2023-51467
and
CVE-2023-50968. They were referring to the wrong affected releases
Also removes the "Latest tweets" in footer, soon the rest will follow
---
.classpath | 6 ++++
.project | 18 ++++++++++++
bootstrap/css/.gitignore | 1 +
bootstrap/img/.gitignore | 2 ++
bootstrap/js/.gitignore | 1 +
desktop.ini | 6 ++++
font-icons/custom-icons/font/.gitignore | 1 +
images/.gitignore | 32
++++++++++++++++++++++
images/icons/.gitignore | 3 ++
images/slider/rs/.gitignore | 5 ++++
images/textures/.gitignore | 2 ++
js/.gitignore | 3 ++
.../ajax-contact-extend/assets/img/.gitignore | 3 ++
.../assets/img/verify/.gitignore | 3 ++
js/plugins/flexslider/images/.gitignore | 1 +
js/plugins/flexslider/themes/.gitignore | 1 +
js/plugins/isotope/.gitignore | 1 +
js/plugins/jquery-browser-plugin/.gitignore | 1 +
js/plugins/jquery.sharrre-1.3.4/.gitignore | 1 +
.../pretty-photo/images/fullscreen/.gitignore | 3 ++
.../images/prettyPhoto/dark_rounded/.gitignore | 6 ++++
.../images/prettyPhoto/dark_square/.gitignore | 6 ++++
.../images/prettyPhoto/default/.gitignore | 7 +++++
.../images/prettyPhoto/facebook/.gitignore | 9 ++++++
.../images/prettyPhoto/light_rounded/.gitignore | 5 ++++
.../images/prettyPhoto/light_square/.gitignore | 5 ++++
.../pretty-photo/images/thumbnails/.gitignore | 2 ++
js/plugins/pretty-photo/js/.gitignore | 3 ++
js/plugins/respond/.gitignore | 1 +
js/plugins/rs-plugin/assets/.gitignore | 32
++++++++++++++++++++++
js/plugins/rs-plugin/images/.gitignore | 3 ++
js/plugins/rs-plugin/images/gradient/.gitignore | 2 ++
js/plugins/rs-plugin/js/.gitignore | 2 ++
js/plugins/sequence/images/.gitignore | 10 +++++++
security.html | 11 +++++---
template/page/security.tpl.php | 6 ++--
36 files changed, 198 insertions(+), 6 deletions(-)
diff --git a/.classpath b/.classpath
new file mode 100644
index 0000000..f62158f
--- /dev/null
+++ b/.classpath
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<classpath>
+ <classpathentry kind="src" path=""/>
+ <classpathentry kind="con" path="GROOVY_DSL_SUPPORT"/>
+ <classpathentry kind="output" path="bin"/>
+</classpath>
diff --git a/.project b/.project
new file mode 100644
index 0000000..76d68d3
--- /dev/null
+++ b/.project
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<projectDescription>
+ <name>Site</name>
+ <comment></comment>
+ <projects/>
+ <natures>
+ <nature>org.eclipse.jdt.groovy.core.groovyNature</nature>
+ <nature>org.eclipse.jdt.core.javanature</nature>
+ </natures>
+ <buildSpec>
+ <buildCommand>
+ <name>org.eclipse.jdt.core.javabuilder</name>
+ <arguments/>
+ </buildCommand>
+ </buildSpec>
+ <linkedResources/>
+ <filteredResources/>
+</projectDescription>
diff --git a/bootstrap/css/.gitignore b/bootstrap/css/.gitignore
new file mode 100644
index 0000000..dd29886
--- /dev/null
+++ b/bootstrap/css/.gitignore
@@ -0,0 +1 @@
+/bootstrap.min.css
diff --git a/bootstrap/img/.gitignore b/bootstrap/img/.gitignore
new file mode 100644
index 0000000..f6e92e2
--- /dev/null
+++ b/bootstrap/img/.gitignore
@@ -0,0 +1,2 @@
+/glyphicons-halflings-white.png
+/glyphicons-halflings.png
diff --git a/bootstrap/js/.gitignore b/bootstrap/js/.gitignore
new file mode 100644
index 0000000..3ce2c31
--- /dev/null
+++ b/bootstrap/js/.gitignore
@@ -0,0 +1 @@
+/bootstrap.min.js
diff --git a/desktop.ini b/desktop.ini
new file mode 100644
index 0000000..3317408
--- /dev/null
+++ b/desktop.ini
@@ -0,0 +1,6 @@
+[.ShellClassInfo]
+IconResource=C:\Windows\system32\SHELL32.dll,94
+[ViewState]
+Mode=
+Vid=
+FolderType=Documents
diff --git a/font-icons/custom-icons/font/.gitignore
b/font-icons/custom-icons/font/.gitignore
new file mode 100644
index 0000000..9c6b073
--- /dev/null
+++ b/font-icons/custom-icons/font/.gitignore
@@ -0,0 +1 @@
+/custom-icons.svg
diff --git a/images/.gitignore b/images/.gitignore
new file mode 100644
index 0000000..18013f8
--- /dev/null
+++ b/images/.gitignore
@@ -0,0 +1,32 @@
+/android-icon-144x144.png
+/android-icon-192x192.png
+/android-icon-36x36.png
+/android-icon-48x48.png
+/android-icon-72x72.png
+/android-icon-96x96.png
+/apple-icon-114x114.png
+/apple-icon-120x120.png
+/apple-icon-144x144.png
+/apple-icon-152x152.png
+/apple-icon-180x180.png
+/apple-icon-57x57.png
+/apple-icon-60x60.png
+/apple-icon-72x72.png
+/apple-icon-76x76.png
+/apple-icon-precomposed.png
+/apple-icon.png
+/download.png
+/favicon-16x16.png
+/favicon-32x32.png
+/favicon-96x96.png
+/favicon.ico
+/favicon_old.ico
+/icon-map.png
+/main-logo.png
+/ms-icon-144x144.png
+/ms-icon-150x150.png
+/ms-icon-310x310.png
+/no-slider-pic.png
+/no-slider-pic2.png
+/ofbiz_logo.png
+/rs-arrows.png
diff --git a/images/icons/.gitignore b/images/icons/.gitignore
new file mode 100644
index 0000000..501fc89
--- /dev/null
+++ b/images/icons/.gitignore
@@ -0,0 +1,3 @@
+/ajax-loader.gif
+/main-nav-hoverstate.png
+/main-nav-normalstate.png
diff --git a/images/slider/rs/.gitignore b/images/slider/rs/.gitignore
new file mode 100644
index 0000000..4a99511
--- /dev/null
+++ b/images/slider/rs/.gitignore
@@ -0,0 +1,5 @@
+/CatalogPromotions-SaphirTheme.png
+/InventoryItems-SaphirTheme.png
+/Project-SaphirTheme.png
+/SalesOrder-SaphirTheme.png
+/thumb.png
diff --git a/images/textures/.gitignore b/images/textures/.gitignore
new file mode 100644
index 0000000..0f30c39
--- /dev/null
+++ b/images/textures/.gitignore
@@ -0,0 +1,2 @@
+/bg-texture-video.png
+/texture-psychedelic-pattern-purple.png
diff --git a/js/.gitignore b/js/.gitignore
new file mode 100644
index 0000000..3530a82
--- /dev/null
+++ b/js/.gitignore
@@ -0,0 +1,3 @@
+/jquery-1.12.4.min.js
+/jquery-migrate-1.0.0.min.js
+/modernizr-2.6.1.min.js
diff --git a/js/plugins/ajax-contact-extend/assets/img/.gitignore
b/js/plugins/ajax-contact-extend/assets/img/.gitignore
new file mode 100644
index 0000000..3e82835
--- /dev/null
+++ b/js/plugins/ajax-contact-extend/assets/img/.gitignore
@@ -0,0 +1,3 @@
+/ajax-loader.gif
+/error.gif
+/success.gif
diff --git a/js/plugins/ajax-contact-extend/assets/img/verify/.gitignore
b/js/plugins/ajax-contact-extend/assets/img/verify/.gitignore
new file mode 100644
index 0000000..deab0e9
--- /dev/null
+++ b/js/plugins/ajax-contact-extend/assets/img/verify/.gitignore
@@ -0,0 +1,3 @@
+/1.png
+/2.png
+/3.png
diff --git a/js/plugins/flexslider/images/.gitignore
b/js/plugins/flexslider/images/.gitignore
new file mode 100644
index 0000000..b8e1052
--- /dev/null
+++ b/js/plugins/flexslider/images/.gitignore
@@ -0,0 +1 @@
+/bg_direction_nav.png
diff --git a/js/plugins/flexslider/themes/.gitignore
b/js/plugins/flexslider/themes/.gitignore
new file mode 100644
index 0000000..f997900
--- /dev/null
+++ b/js/plugins/flexslider/themes/.gitignore
@@ -0,0 +1 @@
+/slider-overlay.png
diff --git a/js/plugins/isotope/.gitignore b/js/plugins/isotope/.gitignore
new file mode 100644
index 0000000..a8293f8
--- /dev/null
+++ b/js/plugins/isotope/.gitignore
@@ -0,0 +1 @@
+/jquery.isotope.min.js
diff --git a/js/plugins/jquery-browser-plugin/.gitignore
b/js/plugins/jquery-browser-plugin/.gitignore
new file mode 100644
index 0000000..b747d22
--- /dev/null
+++ b/js/plugins/jquery-browser-plugin/.gitignore
@@ -0,0 +1 @@
+/jquery.browser.min.js
diff --git a/js/plugins/jquery.sharrre-1.3.4/.gitignore
b/js/plugins/jquery.sharrre-1.3.4/.gitignore
new file mode 100644
index 0000000..e71067d
--- /dev/null
+++ b/js/plugins/jquery.sharrre-1.3.4/.gitignore
@@ -0,0 +1 @@
+/jquery.sharrre-1.3.4.min.js
diff --git a/js/plugins/pretty-photo/images/fullscreen/.gitignore
b/js/plugins/pretty-photo/images/fullscreen/.gitignore
new file mode 100644
index 0000000..00f8ff5
--- /dev/null
+++ b/js/plugins/pretty-photo/images/fullscreen/.gitignore
@@ -0,0 +1,3 @@
+/high.gif
+/huge.gif
+/wide.gif
diff --git
a/js/plugins/pretty-photo/images/prettyPhoto/dark_rounded/.gitignore
b/js/plugins/pretty-photo/images/prettyPhoto/dark_rounded/.gitignore
new file mode 100644
index 0000000..446fdb1
--- /dev/null
+++ b/js/plugins/pretty-photo/images/prettyPhoto/dark_rounded/.gitignore
@@ -0,0 +1,6 @@
+/btnNext.png
+/btnPrevious.png
+/contentPattern.png
+/default_thumbnail.gif
+/loader.gif
+/sprite.png
diff --git
a/js/plugins/pretty-photo/images/prettyPhoto/dark_square/.gitignore
b/js/plugins/pretty-photo/images/prettyPhoto/dark_square/.gitignore
new file mode 100644
index 0000000..446fdb1
--- /dev/null
+++ b/js/plugins/pretty-photo/images/prettyPhoto/dark_square/.gitignore
@@ -0,0 +1,6 @@
+/btnNext.png
+/btnPrevious.png
+/contentPattern.png
+/default_thumbnail.gif
+/loader.gif
+/sprite.png
diff --git a/js/plugins/pretty-photo/images/prettyPhoto/default/.gitignore
b/js/plugins/pretty-photo/images/prettyPhoto/default/.gitignore
new file mode 100644
index 0000000..eb72739
--- /dev/null
+++ b/js/plugins/pretty-photo/images/prettyPhoto/default/.gitignore
@@ -0,0 +1,7 @@
+/default_thumb.png
+/loader.gif
+/sprite.png
+/sprite_next.png
+/sprite_prev.png
+/sprite_x.png
+/sprite_y.png
diff --git
a/js/plugins/pretty-photo/images/prettyPhoto/facebook/.gitignore
b/js/plugins/pretty-photo/images/prettyPhoto/facebook/.gitignore
new file mode 100644
index 0000000..06242fa
--- /dev/null
+++ b/js/plugins/pretty-photo/images/prettyPhoto/facebook/.gitignore
@@ -0,0 +1,9 @@
+/btnNext.png
+/btnPrevious.png
+/contentPatternBottom.png
+/contentPatternLeft.png
+/contentPatternRight.png
+/contentPatternTop.png
+/default_thumbnail.gif
+/loader.gif
+/sprite.png
diff --git
a/js/plugins/pretty-photo/images/prettyPhoto/light_rounded/.gitignore
b/js/plugins/pretty-photo/images/prettyPhoto/light_rounded/.gitignore
new file mode 100644
index 0000000..16f6013
--- /dev/null
+++ b/js/plugins/pretty-photo/images/prettyPhoto/light_rounded/.gitignore
@@ -0,0 +1,5 @@
+/btnNext.png
+/btnPrevious.png
+/default_thumbnail.gif
+/loader.gif
+/sprite.png
diff --git
a/js/plugins/pretty-photo/images/prettyPhoto/light_square/.gitignore
b/js/plugins/pretty-photo/images/prettyPhoto/light_square/.gitignore
new file mode 100644
index 0000000..16f6013
--- /dev/null
+++ b/js/plugins/pretty-photo/images/prettyPhoto/light_square/.gitignore
@@ -0,0 +1,5 @@
+/btnNext.png
+/btnPrevious.png
+/default_thumbnail.gif
+/loader.gif
+/sprite.png
diff --git a/js/plugins/pretty-photo/images/thumbnails/.gitignore
b/js/plugins/pretty-photo/images/thumbnails/.gitignore
new file mode 100644
index 0000000..0b2d1ee
--- /dev/null
+++ b/js/plugins/pretty-photo/images/thumbnails/.gitignore
@@ -0,0 +1,2 @@
+/flash-logo.png
+/quicktime-logo.gif
diff --git a/js/plugins/pretty-photo/js/.gitignore
b/js/plugins/pretty-photo/js/.gitignore
new file mode 100644
index 0000000..b95543e
--- /dev/null
+++ b/js/plugins/pretty-photo/js/.gitignore
@@ -0,0 +1,3 @@
+/jquery-1.3.2.min.js
+/jquery-1.4.4.min.js
+/jquery-1.6.1.min.js
diff --git a/js/plugins/respond/.gitignore b/js/plugins/respond/.gitignore
new file mode 100644
index 0000000..a34f253
--- /dev/null
+++ b/js/plugins/respond/.gitignore
@@ -0,0 +1 @@
+/respond.min.js
diff --git a/js/plugins/rs-plugin/assets/.gitignore
b/js/plugins/rs-plugin/assets/.gitignore
new file mode 100644
index 0000000..222ab34
--- /dev/null
+++ b/js/plugins/rs-plugin/assets/.gitignore
@@ -0,0 +1,32 @@
+/arrow_large_left.png
+/arrow_large_right.png
+/arrow_left.png
+/arrow_left2.png
+/arrow_right.png
+/arrow_right2.png
+/arrowleft.png
+/arrowright.png
+/black50.png
+/boxed_bgtile.png
+/bullet.png
+/bullet_boxed.png
+/bullets.png
+/bullets2.png
+/coloredbg.png
+/grain.png
+/large_left.png
+/large_right.png
+/loader.gif
+/loader2.gif
+/navigdots.png
+/navigdots_bgtile.png
+/shadow1.png
+/shadow2.png
+/shadow3.png
+/small_left.png
+/small_left_boxed.png
+/small_right.png
+/small_right_boxed.png
+/timer.png
+/timerdot.png
+/white50.png
diff --git a/js/plugins/rs-plugin/images/.gitignore
b/js/plugins/rs-plugin/images/.gitignore
new file mode 100644
index 0000000..d3de529
--- /dev/null
+++ b/js/plugins/rs-plugin/images/.gitignore
@@ -0,0 +1,3 @@
+/decor_inside.png
+/decor_inside_white.png
+/decor_testimonial.png
diff --git a/js/plugins/rs-plugin/images/gradient/.gitignore
b/js/plugins/rs-plugin/images/gradient/.gitignore
new file mode 100644
index 0000000..2f05638
--- /dev/null
+++ b/js/plugins/rs-plugin/images/gradient/.gitignore
@@ -0,0 +1,2 @@
+/g30.png
+/g40.png
diff --git a/js/plugins/rs-plugin/js/.gitignore
b/js/plugins/rs-plugin/js/.gitignore
new file mode 100644
index 0000000..d83db48
--- /dev/null
+++ b/js/plugins/rs-plugin/js/.gitignore
@@ -0,0 +1,2 @@
+/jquery.themepunch.plugins.min.js
+/jquery.themepunch.revolution.min.js
diff --git a/js/plugins/sequence/images/.gitignore
b/js/plugins/sequence/images/.gitignore
new file mode 100644
index 0000000..0802321
--- /dev/null
+++ b/js/plugins/sequence/images/.gitignore
@@ -0,0 +1,10 @@
+/bt-next.png
+/bt-prev.png
+/model1.png
+/model2.png
+/model3.png
+/pause-icon.png
+/sequence-logo.png
+/tn-model1.png
+/tn-model2.png
+/tn-model3.png
diff --git a/security.html b/security.html
index 9392e49..1b372ff 100644
--- a/security.html
+++ b/security.html
@@ -145,8 +145,10 @@
<h3>List of Known Vulnerabilities</h3>
<ul class="iconsList">
- <li><i class="icon-pin"></i> <a href="//
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51467"
target="external">CVE-2023-51467</a>; affected release before 18.12.10;
fixed in 18.12.11 with commit <a href="
https://github.com/apache/ofbiz-framework/commit/d8b097f";
target="external">d8b097f</a>, <a href="
https://github.com/apache/ofbiz-framework/commit/1dcfa07180";
target="external">1dcfa07180</a> </li>
- <li><i class="icon-pin"></i> <a href="//
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50968"
target="external">CVE-2023-50968</a>; affected release before 18.12.10;
fixed in 18.12.11 with commit <a href="
https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=82c1737688";
target="external">82c1737688</a></li>
+ <li><i class="icon-pin"></i> <a href="//
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23946"
target="external">CVE-2024-23946</a>; affected releases before 18.12.12;
fixed in 18.12.12 with commits <a href="
https://github.com/apache/ofbiz-framework/commit/b1cf4ef3e1";
target="external">b1cf4ef3e1</a>, <a href="
https://github.com/apache/ofbiz-framework/commit/93f8a58419";
target="external">93f8a58419</a>, <a href="
https://github.com/apache/ofbiz-framework/commit/c910e413ba"; [...]
+ <li><i class="icon-pin"></i> <a href="//
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25065"
target="external">CVE-2024-25065</a>; affected releases before 18.12.12;
fixed in 18.12.12 with commit <a href="
https://github.com/apache/ofbiz-framework/commit/b91a9b7f26";
target="external">b91a9b7f26</a></li>
+ <li><i class="icon-pin"></i> <a href="//
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51467"
target="external">CVE-2023-51467</a>; affected releases before 18.12.11;
fixed in 18.12.11 with commits <a href="
https://github.com/apache/ofbiz-framework/commit/d8b097f";
target="external">d8b097f</a>, <a href="
https://github.com/apache/ofbiz-framework/commit/1dcfa07180";
target="external">1dcfa07180</a> </li>
+ <li><i class="icon-pin"></i> <a href="//
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50968"
target="external">CVE-2023-50968</a>; affected releases before 18.12.11;
fixed in 18.12.11 with commit <a href="
https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=82c1737688";
target="external">82c1737688</a></li>
<li><i class="icon-pin"></i> <a href="//
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49070"
target="external">CVE-2023-49070</a>; affected release 18.12.09; fixed in
18.12.10 with commit <a href="
https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=c59336f604";
target="external">c59336f604</a></li>
<li><i class="icon-pin"></i> <a href="//
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46819"
target="external">CVE-2023-46819</a>; affected release 18.12.08; fixed in
18.12.09 with commit <a href="
https://gitbox.apache.org/repos/asf?p=ofbiz-plugins.git;h=998bf510a";
target="external">998bf510a</a></li>
<li><i class="icon-pin"></i> <a href="//
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25371"
target="external">CVE-2022-25371</a>; affected release 18.12.07; fixed in
18.12.08 with commit <a href="
https://github.com/apache/ofbiz-plugins/commit/41ff12cf8";
target="external">41ff12cf8</a></li>
@@ -199,8 +201,8 @@
<div class="container" id="footer">
<div class="row">
<div class="span6 timelineWidget">
- <h2>Latest tweets</h2>
<!--
+ <h2>Latest tweets</h2>
<div class="divider"><span></span></div>
<ul class="socialNetwork nav">
<li>
@@ -215,10 +217,11 @@
<li><a href="#" class="icon-linkedin socialIcon tips"
title="follow us on Linkedin"><span>linkedin</span></a></li>
<li><a href="#" class="icon-pinterest-circled socialIcon tips"
title="follow us on Pinterest"><span>Pinterest</span></a></li>
</ul>
- -->
<div id="twitterFrame"> <a class="twitter-timeline" href="//
twitter.com/ApacheOfbiz?height=250" data-widget-id="588661945194192896"
data-tweet-limit="2" data-theme="dark" data-chrome="nofooter noheader
transparent" >Tweets by @ApacheOfbiz</a>
<script>!function(d,s,id){var
js,fjs=d.getElementsByTagName(s)[0],p=/^http:/.test(d.location)?'http':'https';if(!d.getElementById(id)){js=d.createElement(s);
js.id=id;js.src=p+"://platform.twitter.com/widgets.js
";fjs.parentNode.insertBefore(js,fjs);}}(document,"script","twitter-wjs");</script>
</div>
+ -->
+
</div>
<div class="span3 contactWidget">
<h2>Contact Community</h2>
diff --git a/template/page/security.tpl.php
b/template/page/security.tpl.php
index cc45756..6e974b4 100644
--- a/template/page/security.tpl.php
+++ b/template/page/security.tpl.php
@@ -34,8 +34,10 @@
<h3>List of Known Vulnerabilities</h3>
<ul class="iconsList">
- <li><i class="icon-pin"></i> <a href="//
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51467"
target="external">CVE-2023-51467</a>; affected release before 18.12.10;
fixed in 18.12.11 with commit <a href="
https://github.com/apache/ofbiz-framework/commit/d8b097f";
target="external">d8b097f</a>, <a href="
https://github.com/apache/ofbiz-framework/commit/1dcfa07180";
target="external">1dcfa07180</a> </li>
- <li><i class="icon-pin"></i> <a href="//
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50968"
target="external">CVE-2023-50968</a>; affected release before 18.12.10;
fixed in 18.12.11 with commit <a href="
https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=82c1737688";
target="external">82c1737688</a></li>
+ <li><i class="icon-pin"></i> <a href="//
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23946"
target="external">CVE-2024-23946</a>; affected releases before 18.12.12;
fixed in 18.12.12 with commits <a href="
https://github.com/apache/ofbiz-framework/commit/b1cf4ef3e1";
target="external">b1cf4ef3e1</a>, <a href="
https://github.com/apache/ofbiz-framework/commit/93f8a58419";
target="external">93f8a58419</a>, <a href="
https://github.com/apache/ofbiz-framework/commit/c910e413ba"; [...]
+ <li><i class="icon-pin"></i> <a href="//
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25065"
target="external">CVE-2024-25065</a>; affected releases before 18.12.12;
fixed in 18.12.12 with commit <a href="
https://github.com/apache/ofbiz-framework/commit/b91a9b7f26";
target="external">b91a9b7f26</a></li>
+ <li><i class="icon-pin"></i> <a href="//
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51467"
target="external">CVE-2023-51467</a>; affected releases before 18.12.11;
fixed in 18.12.11 with commits <a href="
https://github.com/apache/ofbiz-framework/commit/d8b097f";
target="external">d8b097f</a>, <a href="
https://github.com/apache/ofbiz-framework/commit/1dcfa07180";
target="external">1dcfa07180</a> </li>
+ <li><i class="icon-pin"></i> <a href="//
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50968"
target="external">CVE-2023-50968</a>; affected releases before 18.12.11;
fixed in 18.12.11 with commit <a href="
https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=82c1737688";
target="external">82c1737688</a></li>
<li><i class="icon-pin"></i> <a href="//
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49070"
target="external">CVE-2023-49070</a>; affected release 18.12.09; fixed in
18.12.10 with commit <a href="
https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=c59336f604";
target="external">c59336f604</a></li>
<li><i class="icon-pin"></i> <a href="//
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46819"
target="external">CVE-2023-46819</a>; affected release 18.12.08; fixed in
18.12.09 with commit <a href="
https://gitbox.apache.org/repos/asf?p=ofbiz-plugins.git;h=998bf510a";
target="external">998bf510a</a></li>
<li><i class="icon-pin"></i> <a href="//
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25371"
target="external">CVE-2022-25371</a>; affected release 18.12.07; fixed in
18.12.08 with commit <a href="
https://github.com/apache/ofbiz-plugins/commit/41ff12cf8";
target="external">41ff12cf8</a></li>
