[ 
https://issues.apache.org/jira/browse/OFBIZ-11348?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17036836#comment-17036836
 ] 

ASF subversion and git services commented on OFBIZ-11348:
---------------------------------------------------------

Commit 8926d686c9769c331139b7165692fb38509efe81 in ofbiz-plugins's branch 
refs/heads/release18.12 from Jacques Le Roux
[ https://gitbox.apache.org/repos/asf?p=ofbiz-plugins.git;h=8926d68 ]

Improved: Temporarily comment out the "stream" request-map in ecommerce
controller for security reason
(OFBIZ-11348)

No functional change, simply amend the comment


> Temporarily comment out the "stream" request-map in ecommerce controller for 
> security reason
> --------------------------------------------------------------------------------------------
>
>                 Key: OFBIZ-11348
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-11348
>             Project: OFBiz
>          Issue Type: Sub-task
>          Components: ecommerce
>    Affects Versions: Upcoming Branch, Release Branch 17.12, Release Branch 
> 18.12
>            Reporter: Jacques Le Roux
>            Assignee: Jacques Le Roux
>            Priority: Blocker
>             Fix For: 17.12.01, Upcoming Branch, Release Branch 18.12
>
>
> A vulnerability has been reported to the OFBiz security team. To be able to 
> release the 17.12.01 version with this vulnerability fixed we need to 
> temporarily comment out the "stream" request-map in ecommerce controller. We 
> will later fix the specific issue in ecommerce to put back the 
> functionnalities allowed by the "stream" request-map in ecommerce controller.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to