Re: [jira] [Commented] (OFBIZ-11948) Remote Code Execution (File Upload) Vulnerability

2022-02-04 Thread Jacques Le Roux
We crossed on wire Michael :) On 04/02/2022 at 14:34, Michael Brohl wrote: The scrum component contains a Python script which is used together with git hooks. So Jacques's statement was entirely accurate. Michael On 04.02.22 at 14:15, Pierre Smits wrote: Hi Jacques, in a posting above,

Re: [jira] [Commented] (OFBIZ-11948) Remote Code Execution (File Upload) Vulnerability

2022-02-04 Thread Jacques Le Roux
Ah OK, then this sentence was inappropriate, nothing more. Actually the idea, from a security POV, is to add "security.properties::deniedWebShellTokens to neutralise non encoded PHP webshells. Mmm, I just checked. It's about python:

Re: [jira] [Commented] (OFBIZ-11948) Remote Code Execution (File Upload) Vulnerability

2022-02-04 Thread Michael Brohl
The scrum component contains a Python script which is used together with git hooks. So Jacques's statement was entirely accurate. Michael On 04.02.22 at 14:15, Pierre Smits wrote: Hi Jacques, in a posting above, you stated: * Adds "https://ofbiz.apache.org/> since 2008 (without

Re: [jira] [Commented] (OFBIZ-11948) Remote Code Execution (File Upload) Vulnerability

2022-02-04 Thread Pierre Smits
Hi Jacques, in a posting above, you stated: * Adds "https://ofbiz.apache.org/> since 2008 (without privileges) Proud contributor to the ASF since 2006 *Apache Directory , PMC Member* Anyone could have been you, whereas I've always been anyone. On Fri, Feb 4, 2022

Re: [jira] [Commented] (OFBIZ-11948) Remote Code Execution (File Upload) Vulnerability

2022-02-04 Thread Jacques Le Roux
Hi Pierre, How is your question related? On 04/02/2022 at 12:53, Pierre Smits wrote: Hi Jacques, Wasn't there PHP code in the scrum application/ component to work with a git repository? Or was that Python? On Fri, 4 Feb 2022 at 12:32, ASF subversion and git services (Jira) <

Re: [jira] [Commented] (OFBIZ-11948) Remote Code Execution (File Upload) Vulnerability

2022-02-04 Thread Pierre Smits
Hi Jacques, Wasn't there PHP code in the scrum application/ component to work with a git repository? Or was that Python? On Fri, 4 Feb 2022 at 12:32, ASF subversion and git services (Jira) < j...@apache.org> wrote: > > [ >