[jira] [Updated] (OFBIZ-11348) Temporarily comment out the "stream" request-map in ecommerce controller for security reason
[ https://issues.apache.org/jira/browse/OFBIZ-11348?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Jacques Le Roux updated OFBIZ-11348: Description: A vulnerability has been reported to the OFBiz security team. To be able to release the 17.12.01 version with this vulnerability fixed we need to temporarily comment out the "stream" request-map in ecommerce controller. We will later fix the specific issue in ecommerce to put back the functionnalities allowed by the "stream" request-map in ecommerce controller. (was: A vulnerability has been reported to the OFBiz security team. We were able to quickly and quietly fix it in supported versions, but in the ecommerce component. To be able to release the 17.12.01 version with this vulnerability fixed we need to temporarily comment out the "stream" request-map in ecommerce controller. We will later fix the specific issue in ecommerce to put back the functionnalities allowed by the "stream" request-map in ecommerce controller.) > Temporarily comment out the "stream" request-map in ecommerce controller for > security reason > > > Key: OFBIZ-11348 > URL: https://issues.apache.org/jira/browse/OFBIZ-11348 > Project: OFBiz > Issue Type: Sub-task > Components: ecommerce >Affects Versions: Upcoming Branch, Release Branch 17.12, Release Branch > 18.12 >Reporter: Jacques Le Roux >Assignee: Jacques Le Roux >Priority: Blocker > Fix For: 17.12.01, Upcoming Branch, Release Branch 18.12 > > > A vulnerability has been reported to the OFBiz security team. To be able to > release the 17.12.01 version with this vulnerability fixed we need to > temporarily comment out the "stream" request-map in ecommerce controller. We > will later fix the specific issue in ecommerce to put back the > functionnalities allowed by the "stream" request-map in ecommerce controller. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (OFBIZ-11348) Temporarily comment out the "stream" request-map in ecommerce controller for security reason
[ https://issues.apache.org/jira/browse/OFBIZ-11348?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Jacques Le Roux updated OFBIZ-11348: Parent: OFBIZ-1525 Issue Type: Sub-task (was: Bug) > Temporarily comment out the "stream" request-map in ecommerce controller for > security reason > > > Key: OFBIZ-11348 > URL: https://issues.apache.org/jira/browse/OFBIZ-11348 > Project: OFBiz > Issue Type: Sub-task > Components: ecommerce >Affects Versions: Upcoming Branch, Release Branch 17.12, Release Branch > 18.12 >Reporter: Jacques Le Roux >Assignee: Jacques Le Roux >Priority: Blocker > Fix For: 17.12.01, Upcoming Branch, Release Branch 18.12 > > > A vulnerability has been reported to the OFBiz security team. We were able to > quickly and quietly fix it in supported versions, but in the ecommerce > component. To be able to release the 17.12.01 version with this vulnerability > fixed we need to temporarily comment out the "stream" request-map in > ecommerce controller. We will later fix the specific issue in ecommerce to > put back the functionnalities allowed by the "stream" request-map in > ecommerce controller. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (OFBIZ-11348) Temporarily comment out the "stream" request-map in ecommerce controller for security reason
[ https://issues.apache.org/jira/browse/OFBIZ-11348?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Jacques Le Roux updated OFBIZ-11348: Fix Version/s: Release Branch 18.12 Upcoming Branch Affects Version/s: (was: 17.12.01) Release Branch 18.12 Release Branch 17.12 Upcoming Branch > Temporarily comment out the "stream" request-map in ecommerce controller for > security reason > > > Key: OFBIZ-11348 > URL: https://issues.apache.org/jira/browse/OFBIZ-11348 > Project: OFBiz > Issue Type: Bug > Components: ecommerce >Affects Versions: Upcoming Branch, Release Branch 17.12, Release Branch > 18.12 >Reporter: Jacques Le Roux >Priority: Blocker > Fix For: 17.12.01, Upcoming Branch, Release Branch 18.12 > > > A vulnerability has been reported to the OFBiz security team. We were able to > quickly and quietly fix it in supported versions, but in the ecommerce > component. To be able to release the 17.12.01 version with this vulnerability > fixed we need to temporarily comment out the "stream" request-map in > ecommerce controller. We will later fix the specific issue in ecommerce to > put back the functionnalities allowed by the "stream" request-map in > ecommerce controller. -- This message was sent by Atlassian Jira (v8.3.4#803005)