Info | ||
---|---|---|
| ||
This page document the usage with Gradle, the pre-Gradle documentation is here: https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=65865828 |
Sometimes the OFBIz code itself is not the culprit. OFBiz relies on many Java librairies, and if one of them has a flaw we can't always wait it's fixed to warn and protect our users. This is for instance what happened with the 2015 infamous Java serialization vulnerability. OFBiz was affected by 2 librairies: Apache Commons Collections and Apache Groovy . As you can see at
Jira | ||||||
---|---|---|---|---|---|---|
|
...