This is an automated email from the ASF dual-hosted git repository.
jleroux pushed a change to branch release18.12
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git.
from 5a90821 Fixed: Setup instructions don't work (OFBIZ-12228)
new 24c72ed Fixed: Found a new XXE (XML External Entity Injection)
vulnerability in ArtifactInfo (OFBIZ-12306)
new 9b5c721 Fixed: Found a new XXE (XML External Entity Injection)
vulnerability in EntityImport (OFBIZ-12304)
new d4297a1 Fixed: Found a new XXE (XML External Entity Injection)
vulnerability in EntityImport (OFBIZ-12304)
The 3 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.../java/org/apache/ofbiz/base/util/UtilURL.java | 2 +-
.../org/apache/ofbiz/base/util/UtilValidate.java | 30 ++++++++++++++++++++--
.../groovyScripts/artifactinfo/ArtifactInfo.groovy | 10 +++++---
.../apache/ofbiz/webtools/WebToolsServices.java | 5 ++++
4 files changed, 41 insertions(+), 6 deletions(-)
