...
Because of
| Jira |
|---|
| server | ASF JIRA |
|---|
| serverId | 5aa69414-a9e9-3523-82ec-879b028fb15b |
|---|
| key | OFBIZ-10837 |
|---|
|
, we needed to fix another issue related to ObjectInputStream class. If you encounter a related issue (object not in the allow list), you must provide a complete list of objects to pass to ObjectInputStream through ListOfSafeObjectsForInputStream property in SafeObjectInputStream.properties file. As an example, the a complete list of objects used by OFBiz OOTB is by default there. You will need to add your objects/classes to this list.
With
| Jira |
|---|
| server | ASF JIRA |
|---|
| serverId | 5aa69414-a9e9-3523-82ec-879b028fb15b |
|---|
| key | OFBIZ-12167 |
|---|
|
we have introduced a way to also put objects in a deny list and improved it with
| Jira |
|---|
| server | ASF JIRA |
|---|
| serverId | 5aa69414-a9e9-3523-82ec-879b028fb15b |
|---|
| key | OFBIZ-12216 |
|---|
|
,
| Jira |
|---|
| server | ASF JIRA |
|---|
| serverId | 5aa69414-a9e9-3523-82ec-879b028fb15b |
|---|
| key | OFBIZ-12212 |
|---|
|
and
| Jira |
|---|
| server | ASF JIRA |
|---|
| serverId | 5aa69414-a9e9-3523-82ec-879b028fb15b |
|---|
| key | OFBIZ-12221 |
|---|
|
...