[
https://issues.apache.org/jira/browse/OFBIZ-12221?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17316065#comment-17316065 ]
ASF subversion and git services commented on OFBIZ-12221:
---------------------------------------------------------
Commit 57183eea13857d592ae0d299747a0527452bd525 in ofbiz-framework's branch refs/heads/release17.12 from Jacques Le Roux
[
https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=57183ee ]
Improved: Improve ObjectInputStream denyList (OFBIZ-12221)
In SafeObjectInputStream.properties
Renames listOfSafeObjectsForInputStream to allowList and fixes it
Introduces a denyList
Adapts SafeObjectInputStream class to new denyList
Conflicts handled by hand
framework/base/config/SafeObjectInputStream.properties
framework/base/src/main/java/org/apache/ofbiz/base/util/SafeObjectInputStream.java
> Improve ObjectInputStream denyList
> ----------------------------------
>
> Key: OFBIZ-12221
> URL:
https://issues.apache.org/jira/browse/OFBIZ-12221> Project: OFBiz
> Issue Type: Improvement
> Components: framework/base
> Affects Versions: Trunk
> Reporter: Jacques Le Roux
> Assignee: Jacques Le Roux
> Priority: Trivial
> Fix For: 18.12.01, 17.12.07
>
>
> Prevent generics markup in string type names.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
Locked
