Apache OFBiz Logo

Release Notes 18.12.09

Apache OFBiz® 18.12.09, released on November 2023, is the ninth release of the 18.12 series, that has been stabilized since December 2018.

Release Notes - OFBiz - Version 18.12.09

Sub-task

  • [OFBIZ-12792] - [SECURITY] [CVE-2022-47501] Arbitrary file reading vulnerability in Solr
  • [OFBIZ-12831] - [SECURITY] CVE-2023-34981 Apache Tomcat
  • [OFBIZ-12839] - [CVE-2023-34478] Apache Shiro, before 1.12.0, is susceptible to a path traversal attack
  • [OFBIZ-12857] - Execution of queries without authentication
  • [OFBIZ-12860] - [SECURITY] Several CVEs in Apache Tomcat

Bug

  • [OFBIZ-11434] - Forum Articles do not respond to pagination
  • [OFBIZ-12849] - [CVE-2023-41080] Update Tomcat to 9.0.80
  • [OFBIZ-12864] - Issue with OFBiz Job Scheduler and Daylight Saving Time