[ofbiz-framework] branch release18.12 updated: Fixed: Secure the uploads (OFBIZ-12080)

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[ofbiz-framework] branch release18.12 updated: Fixed: Secure the uploads (OFBIZ-12080)

jleroux@apache.org
This is an automated email from the ASF dual-hosted git repository.

jleroux pushed a commit to branch release18.12
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git


The following commit(s) were added to refs/heads/release18.12 by this push:
     new 9b01c85  Fixed: Secure the uploads (OFBIZ-12080)
9b01c85 is described below

commit 9b01c8571d1a46565fb4e1b04672989dc07bcd32
Author: Jacques Le Roux <[hidden email]>
AuthorDate: Wed Dec 2 10:03:35 2020 +0100

    Fixed: Secure the uploads (OFBIZ-12080)
   
    org.apache.xmlgraphics:batik:1.13 does not include batik-svg-dom it's in
    batik:batik-svg-dom:1.6-1.
   
    It's also in org.eclipse.birt.runtime:viewservlets:4.5.0 that's why it worked
    only with plugins
---
 build.gradle | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/build.gradle b/build.gradle
index d369f23..ea87cff 100644
--- a/build.gradle
+++ b/build.gradle
@@ -190,7 +190,7 @@ dependencies {
     compile 'net.lingala.zip4j:zip4j:2.6.4'
     compile 'org.apache.commons:commons-imaging:1.0-alpha2' // Alpha but OK, "Imaging was working and was used by a number of projects in production even before reaching its initial release as an Apache Commons component."
     compile 'org.apache.tika:tika-core:1.24.1'
-    compile 'org.apache.xmlgraphics:batik:1.13'
+    compile 'batik:batik-svg-dom:1.6-1'
 
     // ofbiz unit-test compile libs
     testCompile 'org.mockito:mockito-core:2.23.0'