[jira] [Updated] (OFBIZ-11353) For security reason require authenticationfor the "stream" request-map in commonext controller.xml

Jacques Le Roux (Jira) Wed, 19 Feb 2020 01:20:10 -0800


     [ 
https://issues.apache.org/jira/browse/OFBIZ-11353?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Jacques Le Roux updated OFBIZ-11353:
------------------------------------
    Summary: For security reason require authenticationfor the "stream" 
request-map in commonext controller.xml   (was: Temporarily comment out the 
"stream" request-map in commonext controller.xml for security reason)

> For security reason require authenticationfor the "stream" request-map in 
> commonext controller.xml 
> ---------------------------------------------------------------------------------------------------
>
>                 Key: OFBIZ-11353
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-11353
>             Project: OFBiz
>          Issue Type: Bug
>          Components: ALL COMPONENTS
>    Affects Versions: Upcoming Branch, Release Branch 17.12, Release Branch 
> 18.12
>            Reporter: Jacques Le Roux
>            Assignee: Jacques Le Roux
>            Priority: Blocker
>             Fix For: 17.12.01, Upcoming Branch, Release Branch 18.12
>
>
> A vulnerability has been reported to the OFBiz security team.  To be able to 
> release the 17.12.01 version with this vulnerability fixed we need to 
> temporarily comment out the "stream" request-map in commonext controller. We 
> will later fix the specific issue to put back the functionnalities allowed by 
> the "stream" request-map in commonext controller.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (OFBIZ-11353) For security reason require authenticationfor the "stream" request-map in commonext controller.xml

Reply via email to