|
|
Author: jleroux
Revision: 1855290
Modified property: svn:log
Modified: svn:log at Fri Sep 13 07:38:44 2019
------------------------------------------------------------------------------
--- svn:log (original)
+++ svn:log Fri Sep 13 07:38:44 2019
@@ -5,6 +5,8 @@ r1855287 | jleroux | 2019-03-12 09:29:37
Improved: Improve ObjectInputStream class
(OFBIZ-10837)
+Fixes CVE-2019-0189
+
The white list was still not complete as reported by Rohit at OFBIZ-10573
This adds FlexibleStringExpander
@@ -13,4 +15,3 @@ Anyway I'll not change it.
Thanks: Rohit Koushal
------------------------------------------------------------------------
-�
|
Locked
