No problems, this is now fixed (see PR https://github.com/apache/ofbiz-site/pull/24 ).
Jacopo On Thu, Jun 11, 2026 at 5:42 PM Jacques Le Roux via dev < [email protected]> wrote: > Hi Jacopo, > > Indeed that's pretty weird. I have no ideas about what happened. Being > quite busy with some home renovations, I'd appreciate if you could take > care of > it, sorry for that. > > Note: I have not checked the good and bad parts... > > TIA > > Jacques > > Le 11/06/2026 à 14:55, Jacopo Cappellato a écrit : > > Hi Jacques, > > > > It seems to me that this commit introduced several changes to the > > *ofbiz-site* project that may not have been intended. > > > > Could you please confirm that the only changes you intended to make were > > those in the following two files? > > > > - > > > > security.html > > - > > > > template/page/security.tpl.php > > > > If so, the remaining changes should be reverted (I can take care of the > > revert). > > > > Thanks, > > > > Jacopo > > On Wed, Feb 28, 2024 at 4:53 PM <[email protected]> wrote: > > > >> This is an automated email from the ASF dual-hosted git repository. > >> > >> jleroux pushed a commit to branch master > >> in repository https://gitbox.apache.org/repos/asf/ofbiz-site.git > >> > >> > >> The following commit(s) were added to refs/heads/master by this push: > >> new b4d85b0 [SECURITY] (CVE-2024-23946) Don't need to show files > >> names in UI messages (OFBIZ-12884) [SECURITY] (CVE-2024-25065) Normalize > >> contextPath in hasBasePermission (OFBIZ-12887) > >> b4d85b0 is described below > >> > >> commit b4d85b0c6438900e7d2108e48e5acec1925d0857 > >> Author: Jacques Le Roux <[email protected]> > >> AuthorDate: Wed Feb 28 16:52:49 2024 +0100 > >> > >> [SECURITY] (CVE-2024-23946) Don't need to show files names in UI > >> messages (OFBIZ-12884) > >> [SECURITY] (CVE-2024-25065) Normalize contextPath in > hasBasePermission > >> (OFBIZ-12887) > >> > >> Updates CVEs information for above > >> > >> Updates also texts for CVE-2024-23946, CVE-2024-25065, > CVE-2023-51467 > >> and > >> CVE-2023-50968. They were referring to the wrong affected releases > >> > >> Also removes the "Latest tweets" in footer, soon the rest will > follow > >> --- > >> .classpath | 6 ++++ > >> .project | 18 ++++++++++++ > >> bootstrap/css/.gitignore | 1 + > >> bootstrap/img/.gitignore | 2 ++ > >> bootstrap/js/.gitignore | 1 + > >> desktop.ini | 6 ++++ > >> font-icons/custom-icons/font/.gitignore | 1 + > >> images/.gitignore | 32 > >> ++++++++++++++++++++++ > >> images/icons/.gitignore | 3 ++ > >> images/slider/rs/.gitignore | 5 ++++ > >> images/textures/.gitignore | 2 ++ > >> js/.gitignore | 3 ++ > >> .../ajax-contact-extend/assets/img/.gitignore | 3 ++ > >> .../assets/img/verify/.gitignore | 3 ++ > >> js/plugins/flexslider/images/.gitignore | 1 + > >> js/plugins/flexslider/themes/.gitignore | 1 + > >> js/plugins/isotope/.gitignore | 1 + > >> js/plugins/jquery-browser-plugin/.gitignore | 1 + > >> js/plugins/jquery.sharrre-1.3.4/.gitignore | 1 + > >> .../pretty-photo/images/fullscreen/.gitignore | 3 ++ > >> .../images/prettyPhoto/dark_rounded/.gitignore | 6 ++++ > >> .../images/prettyPhoto/dark_square/.gitignore | 6 ++++ > >> .../images/prettyPhoto/default/.gitignore | 7 +++++ > >> .../images/prettyPhoto/facebook/.gitignore | 9 ++++++ > >> .../images/prettyPhoto/light_rounded/.gitignore | 5 ++++ > >> .../images/prettyPhoto/light_square/.gitignore | 5 ++++ > >> .../pretty-photo/images/thumbnails/.gitignore | 2 ++ > >> js/plugins/pretty-photo/js/.gitignore | 3 ++ > >> js/plugins/respond/.gitignore | 1 + > >> js/plugins/rs-plugin/assets/.gitignore | 32 > >> ++++++++++++++++++++++ > >> js/plugins/rs-plugin/images/.gitignore | 3 ++ > >> js/plugins/rs-plugin/images/gradient/.gitignore | 2 ++ > >> js/plugins/rs-plugin/js/.gitignore | 2 ++ > >> js/plugins/sequence/images/.gitignore | 10 +++++++ > >> security.html | 11 +++++--- > >> template/page/security.tpl.php | 6 ++-- > >> 36 files changed, 198 insertions(+), 6 deletions(-) > >> > >> diff --git a/.classpath b/.classpath > >> new file mode 100644 > >> index 0000000..f62158f > >> --- /dev/null > >> +++ b/.classpath > >> @@ -0,0 +1,6 @@ > >> +<?xml version="1.0" encoding="UTF-8"?> > >> +<classpath> > >> + <classpathentry kind="src" path=""/> > >> + <classpathentry kind="con" path="GROOVY_DSL_SUPPORT"/> > >> + <classpathentry kind="output" path="bin"/> > >> +</classpath> > >> diff --git a/.project b/.project > >> new file mode 100644 > >> index 0000000..76d68d3 > >> --- /dev/null > >> +++ b/.project > >> @@ -0,0 +1,18 @@ > >> +<?xml version="1.0" encoding="UTF-8"?> > >> +<projectDescription> > >> + <name>Site</name> > >> + <comment></comment> > >> + <projects/> > >> + <natures> > >> + > <nature>org.eclipse.jdt.groovy.core.groovyNature</nature> > >> + <nature>org.eclipse.jdt.core.javanature</nature> > >> + </natures> > >> + <buildSpec> > >> + <buildCommand> > >> + <name>org.eclipse.jdt.core.javabuilder</name> > >> + <arguments/> > >> + </buildCommand> > >> + </buildSpec> > >> + <linkedResources/> > >> + <filteredResources/> > >> +</projectDescription> > >> diff --git a/bootstrap/css/.gitignore b/bootstrap/css/.gitignore > >> new file mode 100644 > >> index 0000000..dd29886 > >> --- /dev/null > >> +++ b/bootstrap/css/.gitignore > >> @@ -0,0 +1 @@ > >> +/bootstrap.min.css > >> diff --git a/bootstrap/img/.gitignore b/bootstrap/img/.gitignore > >> new file mode 100644 > >> index 0000000..f6e92e2 > >> --- /dev/null > >> +++ b/bootstrap/img/.gitignore > >> @@ -0,0 +1,2 @@ > >> +/glyphicons-halflings-white.png > >> +/glyphicons-halflings.png > >> diff --git a/bootstrap/js/.gitignore b/bootstrap/js/.gitignore > >> new file mode 100644 > >> index 0000000..3ce2c31 > >> --- /dev/null > >> +++ b/bootstrap/js/.gitignore > >> @@ -0,0 +1 @@ > >> +/bootstrap.min.js > >> diff --git a/desktop.ini b/desktop.ini > >> new file mode 100644 > >> index 0000000..3317408 > >> --- /dev/null > >> +++ b/desktop.ini > >> @@ -0,0 +1,6 @@ > >> +[.ShellClassInfo] > >> +IconResource=C:\Windows\system32\SHELL32.dll,94 > >> +[ViewState] > >> +Mode= > >> +Vid= > >> +FolderType=Documents > >> diff --git a/font-icons/custom-icons/font/.gitignore > >> b/font-icons/custom-icons/font/.gitignore > >> new file mode 100644 > >> index 0000000..9c6b073 > >> --- /dev/null > >> +++ b/font-icons/custom-icons/font/.gitignore > >> @@ -0,0 +1 @@ > >> +/custom-icons.svg > >> diff --git a/images/.gitignore b/images/.gitignore > >> new file mode 100644 > >> index 0000000..18013f8 > >> --- /dev/null > >> +++ b/images/.gitignore > >> @@ -0,0 +1,32 @@ > >> +/android-icon-144x144.png > >> +/android-icon-192x192.png > >> +/android-icon-36x36.png > >> +/android-icon-48x48.png > >> +/android-icon-72x72.png > >> +/android-icon-96x96.png > >> +/apple-icon-114x114.png > >> +/apple-icon-120x120.png > >> +/apple-icon-144x144.png > >> +/apple-icon-152x152.png > >> +/apple-icon-180x180.png > >> +/apple-icon-57x57.png > >> +/apple-icon-60x60.png > >> +/apple-icon-72x72.png > >> +/apple-icon-76x76.png > >> +/apple-icon-precomposed.png > >> +/apple-icon.png > >> +/download.png > >> +/favicon-16x16.png > >> +/favicon-32x32.png > >> +/favicon-96x96.png > >> +/favicon.ico > >> +/favicon_old.ico > >> +/icon-map.png > >> +/main-logo.png > >> +/ms-icon-144x144.png > >> +/ms-icon-150x150.png > >> +/ms-icon-310x310.png > >> +/no-slider-pic.png > >> +/no-slider-pic2.png > >> +/ofbiz_logo.png > >> +/rs-arrows.png > >> diff --git a/images/icons/.gitignore b/images/icons/.gitignore > >> new file mode 100644 > >> index 0000000..501fc89 > >> --- /dev/null > >> +++ b/images/icons/.gitignore > >> @@ -0,0 +1,3 @@ > >> +/ajax-loader.gif > >> +/main-nav-hoverstate.png > >> +/main-nav-normalstate.png > >> diff --git a/images/slider/rs/.gitignore b/images/slider/rs/.gitignore > >> new file mode 100644 > >> index 0000000..4a99511 > >> --- /dev/null > >> +++ b/images/slider/rs/.gitignore > >> @@ -0,0 +1,5 @@ > >> +/CatalogPromotions-SaphirTheme.png > >> +/InventoryItems-SaphirTheme.png > >> +/Project-SaphirTheme.png > >> +/SalesOrder-SaphirTheme.png > >> +/thumb.png > >> diff --git a/images/textures/.gitignore b/images/textures/.gitignore > >> new file mode 100644 > >> index 0000000..0f30c39 > >> --- /dev/null > >> +++ b/images/textures/.gitignore > >> @@ -0,0 +1,2 @@ > >> +/bg-texture-video.png > >> +/texture-psychedelic-pattern-purple.png > >> diff --git a/js/.gitignore b/js/.gitignore > >> new file mode 100644 > >> index 0000000..3530a82 > >> --- /dev/null > >> +++ b/js/.gitignore > >> @@ -0,0 +1,3 @@ > >> +/jquery-1.12.4.min.js > >> +/jquery-migrate-1.0.0.min.js > >> +/modernizr-2.6.1.min.js > >> diff --git a/js/plugins/ajax-contact-extend/assets/img/.gitignore > >> b/js/plugins/ajax-contact-extend/assets/img/.gitignore > >> new file mode 100644 > >> index 0000000..3e82835 > >> --- /dev/null > >> +++ b/js/plugins/ajax-contact-extend/assets/img/.gitignore > >> @@ -0,0 +1,3 @@ > >> +/ajax-loader.gif > >> +/error.gif > >> +/success.gif > >> diff --git a/js/plugins/ajax-contact-extend/assets/img/verify/.gitignore > >> b/js/plugins/ajax-contact-extend/assets/img/verify/.gitignore > >> new file mode 100644 > >> index 0000000..deab0e9 > >> --- /dev/null > >> +++ b/js/plugins/ajax-contact-extend/assets/img/verify/.gitignore > >> @@ -0,0 +1,3 @@ > >> +/1.png > >> +/2.png > >> +/3.png > >> diff --git a/js/plugins/flexslider/images/.gitignore > >> b/js/plugins/flexslider/images/.gitignore > >> new file mode 100644 > >> index 0000000..b8e1052 > >> --- /dev/null > >> +++ b/js/plugins/flexslider/images/.gitignore > >> @@ -0,0 +1 @@ > >> +/bg_direction_nav.png > >> diff --git a/js/plugins/flexslider/themes/.gitignore > >> b/js/plugins/flexslider/themes/.gitignore > >> new file mode 100644 > >> index 0000000..f997900 > >> --- /dev/null > >> +++ b/js/plugins/flexslider/themes/.gitignore > >> @@ -0,0 +1 @@ > >> +/slider-overlay.png > >> diff --git a/js/plugins/isotope/.gitignore > b/js/plugins/isotope/.gitignore > >> new file mode 100644 > >> index 0000000..a8293f8 > >> --- /dev/null > >> +++ b/js/plugins/isotope/.gitignore > >> @@ -0,0 +1 @@ > >> +/jquery.isotope.min.js > >> diff --git a/js/plugins/jquery-browser-plugin/.gitignore > >> b/js/plugins/jquery-browser-plugin/.gitignore > >> new file mode 100644 > >> index 0000000..b747d22 > >> --- /dev/null > >> +++ b/js/plugins/jquery-browser-plugin/.gitignore > >> @@ -0,0 +1 @@ > >> +/jquery.browser.min.js > >> diff --git a/js/plugins/jquery.sharrre-1.3.4/.gitignore > >> b/js/plugins/jquery.sharrre-1.3.4/.gitignore > >> new file mode 100644 > >> index 0000000..e71067d > >> --- /dev/null > >> +++ b/js/plugins/jquery.sharrre-1.3.4/.gitignore > >> @@ -0,0 +1 @@ > >> +/jquery.sharrre-1.3.4.min.js > >> diff --git a/js/plugins/pretty-photo/images/fullscreen/.gitignore > >> b/js/plugins/pretty-photo/images/fullscreen/.gitignore > >> new file mode 100644 > >> index 0000000..00f8ff5 > >> --- /dev/null > >> +++ b/js/plugins/pretty-photo/images/fullscreen/.gitignore > >> @@ -0,0 +1,3 @@ > >> +/high.gif > >> +/huge.gif > >> +/wide.gif > >> diff --git > >> a/js/plugins/pretty-photo/images/prettyPhoto/dark_rounded/.gitignore > >> b/js/plugins/pretty-photo/images/prettyPhoto/dark_rounded/.gitignore > >> new file mode 100644 > >> index 0000000..446fdb1 > >> --- /dev/null > >> +++ b/js/plugins/pretty-photo/images/prettyPhoto/dark_rounded/.gitignore > >> @@ -0,0 +1,6 @@ > >> +/btnNext.png > >> +/btnPrevious.png > >> +/contentPattern.png > >> +/default_thumbnail.gif > >> +/loader.gif > >> +/sprite.png > >> diff --git > >> a/js/plugins/pretty-photo/images/prettyPhoto/dark_square/.gitignore > >> b/js/plugins/pretty-photo/images/prettyPhoto/dark_square/.gitignore > >> new file mode 100644 > >> index 0000000..446fdb1 > >> --- /dev/null > >> +++ b/js/plugins/pretty-photo/images/prettyPhoto/dark_square/.gitignore > >> @@ -0,0 +1,6 @@ > >> +/btnNext.png > >> +/btnPrevious.png > >> +/contentPattern.png > >> +/default_thumbnail.gif > >> +/loader.gif > >> +/sprite.png > >> diff --git > a/js/plugins/pretty-photo/images/prettyPhoto/default/.gitignore > >> b/js/plugins/pretty-photo/images/prettyPhoto/default/.gitignore > >> new file mode 100644 > >> index 0000000..eb72739 > >> --- /dev/null > >> +++ b/js/plugins/pretty-photo/images/prettyPhoto/default/.gitignore > >> @@ -0,0 +1,7 @@ > >> +/default_thumb.png > >> +/loader.gif > >> +/sprite.png > >> +/sprite_next.png > >> +/sprite_prev.png > >> +/sprite_x.png > >> +/sprite_y.png > >> diff --git > >> a/js/plugins/pretty-photo/images/prettyPhoto/facebook/.gitignore > >> b/js/plugins/pretty-photo/images/prettyPhoto/facebook/.gitignore > >> new file mode 100644 > >> index 0000000..06242fa > >> --- /dev/null > >> +++ b/js/plugins/pretty-photo/images/prettyPhoto/facebook/.gitignore > >> @@ -0,0 +1,9 @@ > >> +/btnNext.png > >> +/btnPrevious.png > >> +/contentPatternBottom.png > >> +/contentPatternLeft.png > >> +/contentPatternRight.png > >> +/contentPatternTop.png > >> +/default_thumbnail.gif > >> +/loader.gif > >> +/sprite.png > >> diff --git > >> a/js/plugins/pretty-photo/images/prettyPhoto/light_rounded/.gitignore > >> b/js/plugins/pretty-photo/images/prettyPhoto/light_rounded/.gitignore > >> new file mode 100644 > >> index 0000000..16f6013 > >> --- /dev/null > >> +++ > b/js/plugins/pretty-photo/images/prettyPhoto/light_rounded/.gitignore > >> @@ -0,0 +1,5 @@ > >> +/btnNext.png > >> +/btnPrevious.png > >> +/default_thumbnail.gif > >> +/loader.gif > >> +/sprite.png > >> diff --git > >> a/js/plugins/pretty-photo/images/prettyPhoto/light_square/.gitignore > >> b/js/plugins/pretty-photo/images/prettyPhoto/light_square/.gitignore > >> new file mode 100644 > >> index 0000000..16f6013 > >> --- /dev/null > >> +++ b/js/plugins/pretty-photo/images/prettyPhoto/light_square/.gitignore > >> @@ -0,0 +1,5 @@ > >> +/btnNext.png > >> +/btnPrevious.png > >> +/default_thumbnail.gif > >> +/loader.gif > >> +/sprite.png > >> diff --git a/js/plugins/pretty-photo/images/thumbnails/.gitignore > >> b/js/plugins/pretty-photo/images/thumbnails/.gitignore > >> new file mode 100644 > >> index 0000000..0b2d1ee > >> --- /dev/null > >> +++ b/js/plugins/pretty-photo/images/thumbnails/.gitignore > >> @@ -0,0 +1,2 @@ > >> +/flash-logo.png > >> +/quicktime-logo.gif > >> diff --git a/js/plugins/pretty-photo/js/.gitignore > >> b/js/plugins/pretty-photo/js/.gitignore > >> new file mode 100644 > >> index 0000000..b95543e > >> --- /dev/null > >> +++ b/js/plugins/pretty-photo/js/.gitignore > >> @@ -0,0 +1,3 @@ > >> +/jquery-1.3.2.min.js > >> +/jquery-1.4.4.min.js > >> +/jquery-1.6.1.min.js > >> diff --git a/js/plugins/respond/.gitignore > b/js/plugins/respond/.gitignore > >> new file mode 100644 > >> index 0000000..a34f253 > >> --- /dev/null > >> +++ b/js/plugins/respond/.gitignore > >> @@ -0,0 +1 @@ > >> +/respond.min.js > >> diff --git a/js/plugins/rs-plugin/assets/.gitignore > >> b/js/plugins/rs-plugin/assets/.gitignore > >> new file mode 100644 > >> index 0000000..222ab34 > >> --- /dev/null > >> +++ b/js/plugins/rs-plugin/assets/.gitignore > >> @@ -0,0 +1,32 @@ > >> +/arrow_large_left.png > >> +/arrow_large_right.png > >> +/arrow_left.png > >> +/arrow_left2.png > >> +/arrow_right.png > >> +/arrow_right2.png > >> +/arrowleft.png > >> +/arrowright.png > >> +/black50.png > >> +/boxed_bgtile.png > >> +/bullet.png > >> +/bullet_boxed.png > >> +/bullets.png > >> +/bullets2.png > >> +/coloredbg.png > >> +/grain.png > >> +/large_left.png > >> +/large_right.png > >> +/loader.gif > >> +/loader2.gif > >> +/navigdots.png > >> +/navigdots_bgtile.png > >> +/shadow1.png > >> +/shadow2.png > >> +/shadow3.png > >> +/small_left.png > >> +/small_left_boxed.png > >> +/small_right.png > >> +/small_right_boxed.png > >> +/timer.png > >> +/timerdot.png > >> +/white50.png > >> diff --git a/js/plugins/rs-plugin/images/.gitignore > >> b/js/plugins/rs-plugin/images/.gitignore > >> new file mode 100644 > >> index 0000000..d3de529 > >> --- /dev/null > >> +++ b/js/plugins/rs-plugin/images/.gitignore > >> @@ -0,0 +1,3 @@ > >> +/decor_inside.png > >> +/decor_inside_white.png > >> +/decor_testimonial.png > >> diff --git a/js/plugins/rs-plugin/images/gradient/.gitignore > >> b/js/plugins/rs-plugin/images/gradient/.gitignore > >> new file mode 100644 > >> index 0000000..2f05638 > >> --- /dev/null > >> +++ b/js/plugins/rs-plugin/images/gradient/.gitignore > >> @@ -0,0 +1,2 @@ > >> +/g30.png > >> +/g40.png > >> diff --git a/js/plugins/rs-plugin/js/.gitignore > >> b/js/plugins/rs-plugin/js/.gitignore > >> new file mode 100644 > >> index 0000000..d83db48 > >> --- /dev/null > >> +++ b/js/plugins/rs-plugin/js/.gitignore > >> @@ -0,0 +1,2 @@ > >> +/jquery.themepunch.plugins.min.js > >> +/jquery.themepunch.revolution.min.js > >> diff --git a/js/plugins/sequence/images/.gitignore > >> b/js/plugins/sequence/images/.gitignore > >> new file mode 100644 > >> index 0000000..0802321 > >> --- /dev/null > >> +++ b/js/plugins/sequence/images/.gitignore > >> @@ -0,0 +1,10 @@ > >> +/bt-next.png > >> +/bt-prev.png > >> +/model1.png > >> +/model2.png > >> +/model3.png > >> +/pause-icon.png > >> +/sequence-logo.png > >> +/tn-model1.png > >> +/tn-model2.png > >> +/tn-model3.png > >> diff --git a/security.html b/security.html > >> index 9392e49..1b372ff 100644 > >> --- a/security.html > >> +++ b/security.html > >> @@ -145,8 +145,10 @@ > >> > >> <h3>List of Known Vulnerabilities</h3> > >> <ul class="iconsList"> > >> - <li><i class="icon-pin"></i> <a href="// > >> cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51467" > >> target="external">CVE-2023-51467</a>; affected release before 18.12.10; > >> fixed in 18.12.11 with commit <a href=" > >> https://github.com/apache/ofbiz-framework/commit/d8b097f"; > >> target="external">d8b097f</a>, <a href=" > >> https://github.com/apache/ofbiz-framework/commit/1dcfa07180"; > >> target="external">1dcfa07180</a> </li> > >> - <li><i class="icon-pin"></i> <a href="// > >> cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50968" > >> target="external">CVE-2023-50968</a>; affected release before 18.12.10; > >> fixed in 18.12.11 with commit <a href=" > >> https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=82c1737688"; > >> target="external">82c1737688</a></li> > >> + <li><i class="icon-pin"></i> <a href="// > >> cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23946" > >> target="external">CVE-2024-23946</a>; affected releases before 18.12.12; > >> fixed in 18.12.12 with commits <a href=" > >> https://github.com/apache/ofbiz-framework/commit/b1cf4ef3e1"; > >> target="external">b1cf4ef3e1</a>, <a href=" > >> https://github.com/apache/ofbiz-framework/commit/93f8a58419"; > >> target="external">93f8a58419</a>, <a href=" > >> https://github.com/apache/ofbiz-framework/commit/c910e413ba"; [...] > >> + <li><i class="icon-pin"></i> <a href="// > >> cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25065" > >> target="external">CVE-2024-25065</a>; affected releases before 18.12.12; > >> fixed in 18.12.12 with commit <a href=" > >> https://github.com/apache/ofbiz-framework/commit/b91a9b7f26"; > >> target="external">b91a9b7f26</a></li> > >> + <li><i class="icon-pin"></i> <a href="// > >> cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51467" > >> target="external">CVE-2023-51467</a>; affected releases before 18.12.11; > >> fixed in 18.12.11 with commits <a href=" > >> https://github.com/apache/ofbiz-framework/commit/d8b097f"; > >> target="external">d8b097f</a>, <a href=" > >> https://github.com/apache/ofbiz-framework/commit/1dcfa07180"; > >> target="external">1dcfa07180</a> </li> > >> + <li><i class="icon-pin"></i> <a href="// > >> cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50968" > >> target="external">CVE-2023-50968</a>; affected releases before 18.12.11; > >> fixed in 18.12.11 with commit <a href=" > >> https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=82c1737688"; > >> target="external">82c1737688</a></li> > >> <li><i class="icon-pin"></i> <a href="// > >> cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49070" > >> target="external">CVE-2023-49070</a>; affected release 18.12.09; fixed > in > >> 18.12.10 with commit <a href=" > >> https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=c59336f604"; > >> target="external">c59336f604</a></li> > >> <li><i class="icon-pin"></i> <a href="// > >> cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46819" > >> target="external">CVE-2023-46819</a>; affected release 18.12.08; fixed > in > >> 18.12.09 with commit <a href=" > >> https://gitbox.apache.org/repos/asf?p=ofbiz-plugins.git;h=998bf510a"; > >> target="external">998bf510a</a></li> > >> <li><i class="icon-pin"></i> <a href="// > >> cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25371" > >> target="external">CVE-2022-25371</a>; affected release 18.12.07; fixed > in > >> 18.12.08 with commit <a href=" > >> https://github.com/apache/ofbiz-plugins/commit/41ff12cf8"; > >> target="external">41ff12cf8</a></li> > >> @@ -199,8 +201,8 @@ > >> <div class="container" id="footer"> > >> <div class="row"> > >> <div class="span6 timelineWidget"> > >> - <h2>Latest tweets</h2> > >> <!-- > >> + <h2>Latest tweets</h2> > >> <div class="divider"><span></span></div> > >> <ul class="socialNetwork nav"> > >> <li> > >> @@ -215,10 +217,11 @@ > >> <li><a href="#" class="icon-linkedin socialIcon tips" > >> title="follow us on Linkedin"><span>linkedin</span></a></li> > >> <li><a href="#" class="icon-pinterest-circled socialIcon > tips" > >> title="follow us on Pinterest"><span>Pinterest</span></a></li> > >> </ul> > >> - --> > >> <div id="twitterFrame"> <a class="twitter-timeline" href="// > >> twitter.com/ApacheOfbiz?height=250" data-widget-id="588661945194192896" > >> data-tweet-limit="2" data-theme="dark" data-chrome="nofooter noheader > >> transparent" >Tweets by @ApacheOfbiz</a> > >> <script>!function(d,s,id){var > >> > js,fjs=d.getElementsByTagName(s)[0],p=/^http:/.test(d.location)?'http':'https';if(!d.getElementById(id)){js=d.createElement(s); > >> js.id=id;js.src=p+"://platform.twitter.com/widgets.js > >> > ";fjs.parentNode.insertBefore(js,fjs);}}(document,"script","twitter-wjs");</script> > >> </div> > >> + --> > >> + > >> </div> > >> <div class="span3 contactWidget"> > >> <h2>Contact Community</h2> > >> diff --git a/template/page/security.tpl.php > >> b/template/page/security.tpl.php > >> index cc45756..6e974b4 100644 > >> --- a/template/page/security.tpl.php > >> +++ b/template/page/security.tpl.php > >> @@ -34,8 +34,10 @@ > >> > >> <h3>List of Known Vulnerabilities</h3> > >> <ul class="iconsList"> > >> - <li><i class="icon-pin"></i> <a href="// > >> cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51467" > >> target="external">CVE-2023-51467</a>; affected release before 18.12.10; > >> fixed in 18.12.11 with commit <a href=" > >> https://github.com/apache/ofbiz-framework/commit/d8b097f"; > >> target="external">d8b097f</a>, <a href=" > >> https://github.com/apache/ofbiz-framework/commit/1dcfa07180"; > >> target="external">1dcfa07180</a> </li> > >> - <li><i class="icon-pin"></i> <a href="// > >> cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50968" > >> target="external">CVE-2023-50968</a>; affected release before 18.12.10; > >> fixed in 18.12.11 with commit <a href=" > >> https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=82c1737688"; > >> target="external">82c1737688</a></li> > >> + <li><i class="icon-pin"></i> <a href="// > >> cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23946" > >> target="external">CVE-2024-23946</a>; affected releases before 18.12.12; > >> fixed in 18.12.12 with commits <a href=" > >> https://github.com/apache/ofbiz-framework/commit/b1cf4ef3e1"; > >> target="external">b1cf4ef3e1</a>, <a href=" > >> https://github.com/apache/ofbiz-framework/commit/93f8a58419"; > >> target="external">93f8a58419</a>, <a href=" > >> https://github.com/apache/ofbiz-framework/commit/c910e413ba"; [...] > >> + <li><i class="icon-pin"></i> <a href="// > >> cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25065" > >> target="external">CVE-2024-25065</a>; affected releases before 18.12.12; > >> fixed in 18.12.12 with commit <a href=" > >> https://github.com/apache/ofbiz-framework/commit/b91a9b7f26"; > >> target="external">b91a9b7f26</a></li> > >> + <li><i class="icon-pin"></i> <a href="// > >> cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51467" > >> target="external">CVE-2023-51467</a>; affected releases before 18.12.11; > >> fixed in 18.12.11 with commits <a href=" > >> https://github.com/apache/ofbiz-framework/commit/d8b097f"; > >> target="external">d8b097f</a>, <a href=" > >> https://github.com/apache/ofbiz-framework/commit/1dcfa07180"; > >> target="external">1dcfa07180</a> </li> > >> + <li><i class="icon-pin"></i> <a href="// > >> cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50968" > >> target="external">CVE-2023-50968</a>; affected releases before 18.12.11; > >> fixed in 18.12.11 with commit <a href=" > >> https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=82c1737688"; > >> target="external">82c1737688</a></li> > >> <li><i class="icon-pin"></i> <a href="// > >> cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49070" > >> target="external">CVE-2023-49070</a>; affected release 18.12.09; fixed > in > >> 18.12.10 with commit <a href=" > >> https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=c59336f604"; > >> target="external">c59336f604</a></li> > >> <li><i class="icon-pin"></i> <a href="// > >> cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46819" > >> target="external">CVE-2023-46819</a>; affected release 18.12.08; fixed > in > >> 18.12.09 with commit <a href=" > >> https://gitbox.apache.org/repos/asf?p=ofbiz-plugins.git;h=998bf510a"; > >> target="external">998bf510a</a></li> > >> <li><i class="icon-pin"></i> <a href="// > >> cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25371" > >> target="external">CVE-2022-25371</a>; affected release 18.12.07; fixed > in > >> 18.12.08 with commit <a href=" > >> https://github.com/apache/ofbiz-plugins/commit/41ff12cf8"; > >> target="external">41ff12cf8</a></li> > >> > >> >
