Jacques Le Roux created OFBIZ-11348:
---------------------------------------
Summary: Temporarily comment out the "stream" request-map in ecommerce controller for security reason
Key: OFBIZ-11348
URL:
https://issues.apache.org/jira/browse/OFBIZ-11348 Project: OFBiz
Issue Type: Bug
Components: ecommerce
Affects Versions: 17.12.01
Reporter: Jacques Le Roux
Fix For: 17.12.01
A vulnerability has been reported to the OFBiz security team. We were able to quickly and quietly fix it in supported versions, but in the ecommerce component. To be able to release the 17.12.01 version with this vulnerability fixed we need to temporarily comment out the "stream" request-map in ecommerce controller. We will later fix the specific issue in ecommerce to put back the functionnalities allowed by the "stream" request-map in ecommerce controller.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
Locked
