Commits

Show all
Author Commit Message Labels Comments Date
Brenden Bain
Added tag osworkflow_2-8-1 for changeset 04f16ceeeba3
Oswaldo Hernandez
Protect loading of workflows in XMLWorkflow factory against XML vulnerabilities by: - Enabling secure processing feature in the xml parser. This will place limits so xml entities are not expanded recursively and exhaust memory. - Not resolving external references to unknown xml entities by switching of the "http://xml.org/sax/features/external-general-entities" and "http://xml.org/sax/features/external-parameter-entities" features and disabling loading of external dtds. - Ensure …
Tags
osworkflow_2-8-1
Oswaldo Hernandez
Enable secure processing feature in the xml parser when validating workflow descriptors. This will place limits so xml entities are not expanded recursively and exhaust memory.
Oswaldo Hernandez
Validate workflow descriptors through the SecureDTDEntityResolver, which will not resolve external references to unknown xml entities when loading a workflow descriptor definition.
Oswaldo Hernandez
Protect loading of DefaultConfiguration against XML vulnerabilities by: - Enabling secure processing feature in the xml parser. This will place limits so xml entities are not expanded recursively and exhaust memory. - Not resolving external references to unknown xml entities by switching of the "http://xml.org/sax/features/external-general-entities" and "http://xml.org/sax/features/external-parameter-entities" features and disabling loading of external dtds. - Ensure …
Oswaldo Hernandez
Prevent billion laughs attack by enabling secure processing feature in the xml parser. This will place limits so xml entities are not expanded recursively and exhaust memory.
Oswaldo Hernandez
Do not resolve external references to unknown xml entities when loading a workflow definition.
convert-repo
update tags
skanjo
Forgot to remove the static modifier from the log.
skanjo
Removing PropertySet 1.4 libraries in favor of 1.5 libraries.
skanjo
Changed visibility of logger to allow subclasses access.
skanjo
Accidentally left company copyright generated by default within Eclipse. Just noticed it after commit. Removing it from code.
skanjo
PropertySetDelegate supporting hibernate3, which is now available in PropertySet 1.5.
skanjo
Updated PropertySet libraries to new development version 1.5. This version of PropertySet includes support for Hibernate3.
dienaya
Issue number: WF-473 Obtained from: Submitted by: Diego Naya Reviewed by:
hani
Patch from WF-469
masini
Submitted by: masini Reviewed by: masini Corrected order of the history collection
hani
Patch from WF-458
hani
Patch from WF-467
hani
Added setter
hani
Fix WF-448
hani
Hack to prevent deadlock
hani
Fix WF-457
masini
Fixed package name due to refactoring
masini
Updated oscore release number
masini
Hibernate3 version of the WorkflowFactory, still not refactored, documented and tested !!!!
hani
Fixed tiny typo
hani
Fix WF-452
hani
More editor cleanup
hani
Removed unused import
  1. Prev
  2. Next