Versions Compared

Old Version 11

changes.mady.by.user Jacques Le Roux

Saved on

compared with

New Version 12

changes.mady.by.user Jacques Le Roux

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Link to OFBIZ-1525 - Issue to group security concerns

...

You can trust the Apache OFBiz PMC Members and Committers, we do our best to keep OFBiz secure. But despite our best efforts we migth sometimes overlook a security issue. In such cases, as explained at https://ofbiz.apache.org/download.html, we strongly encourage OfBiz users to report security problems affecting OFBiz to the private security mailing list of the ASF Security Team, before disclosing them in a public forum. Please see the page of the ASF Security Team for further information and contact information. Also in case of doubt, refer to the current page where quick fixes not already released might be explained.

Though it's maybe totally complete, you might refer to

Jira
serverASF JIRA
serverId5aa69414-a9e9-3523-82ec-879b028fb15b
keyOFBIZ-1525
for details on security.

...

The 2015 infamous Java unserialize vulnerability

...