Download Apache OFBiz™
- Java 1.7 (minimum) SDK
- unpack the release file and go into the newly created directory
- using the command line, build the system (with demo data) and run it with the following command:
ant load-demo start(on Linux and like use "./ant" rather than "ant")
- point your browser to http://localhost:8080/catalog and login with username "admin" and password "ofbiz"
- refer to the README file for further details
Apache OFBiz™ is an open source product for the automation of enterprise processes that includes framework components and business applications.
Use the links below to download Apache OFBiz releases from the "Apache Download Mirrors" page; in that page you'll also find instructions on how to verify the integrity of the release file using the signature and hashes (PGP, MD5, SHA512) available for each release.
Despite our best efforts to maintain up to three active release branches, support for older branches can decrease because our project volunteers may be focused on other issues. We recommend using releases from the most recent branch wherever possible.
Apache OFBiz 13.07.01
Released in October 2014, is the first release of the 13.07 series, that has been stabilized with bug fixes since July 2013. It is the OFBiz current stable release and users of the previous releases are encouraged to migrate to it in order to get all the new features.
- Apache OFBiz 12.04.05 [PGP] [MD5] [SHA512], released in September 2014, is the latest bug fix release in the 12.04 series that contains all the features of the trunk up to April 2012.
- Apache OFBiz 11.04.06 [PGP] [MD5] [SHA512], released in September 2014, is the latest bug fix release in the 11.04 series that contains all the features of the trunk up to April 2011; it is probably the last release of this series.
- Old superseded releases can be found in the OFBiz archive
- A description of each release in the history of OFBiz can be found here
- Nightly snapshots can be found here
- The naming convention for OFBiz releases is <Release Freeze Date>.<Minor Release Number> for example <13.07>.<04> where:
- <Release Freeze Date> is in the format of <YY.MM> where YY and MM are the year and month of the date of the feature freeze;
- <Minor Release Number> is a two digit sequential number: 01 is the first release from the branch; 02 is the second etc...; for a given Release Freeze Date you should always use the release with the highest Minor Release Number because it represents the latest bug fix release for the Release Freeze Date you are using.
- Tentative release schedule for the 12.04 series:
- April 2015 - Apache OFBiz 12.04.06 (last release of the 12.04 series)
- Tentative release schedule for the 13.07 series:
- April 2015 - Apache OFBiz 13.07.02
- September 2015 - Apache OFBiz 13.07.03
- April 2016 - Apache OFBiz 13.07.04
- February 2017 - Apache OFBiz 13.07.05 (last release of the 13.07 series)
- Tentative release schedule for the 14.12 series:
- February 2016 - Apache OFBiz 14.12.01
- August 2016 - Apache OFBiz 14.12.02
- March 2017 - Apache OFBiz 14.12.03
- September 2017 - Apache OFBiz 14.12.04
- April 2018 - Apache OFBiz 14.12.05 (last release of the 14.12 series)
We strongly encourage OfBiz users to report security problems affecting OFBiz to the private security mailing list of the ASF Security Team, before disclosing them in a public forum. Please see the page of the ASF Security Team for further information and contact information.
- This is the list of all security vulnerabilities fixed in released versions of Apache OFBiz:
- CVE-2014-0232; affected releases: 12.04.03 and earlier versions (12.04.*), 11.04.04 and earlier versions (11.04.*); fixed in 12.04.04 and 11.04.05
- CVE-2013-2250; affected releases: 12.04.01, 11.04.02 and earlier versions (11.04.*), 10.04.05 and earlier versions (10.04.*); fixed in 12.04.02, 11.04.03 and 10.04.06
- CVE-2013-2137; affected releases: 12.04.01, 11.04.02 and earlier versions (11.04.*), 10.04.05 and earlier versions (10.04.*); fixed in 12.04.02, 11.04.03 and 10.04.06
- CVE-2013-0177; affected releases: 11.04.01, 10.04.04 and earlier versions (10.04.*); fixed in 11.04.02 and 10.04.05
- CVE-2012-3506; affected releases: 10.04.02, 10.04 (10.04.01); fixed in 10.04.03
- CVE-2012-1622; affected releases: 10.04 (10.04.01); fixed in 10.04.02
- CVE-2012-1621; affected releases: 10.04 (10.04.01); fixed in 10.04.02
- CVE-2010-0432; affected releases: 09.04; fixed in 09.04.01