Openbravo Issue Tracking System - Retail Modules | |||||
| View Issue Details | |||||
| ID | Project | Category | View Status | Date Submitted | Last Update |
| 0049251 | Retail Modules | Web POS Hardware Manager | public | 2022-05-06 13:48 | 2022-05-25 10:20 |
| Reporter | adrianromero | ||||
| Assigned To | jonae | ||||
| Priority | high | Severity | major | Reproducibility | have not tried |
| Status | closed | Resolution | fixed | ||
| Platform | OS | 5 | OS Version | ||
| Product Version | |||||
| Target Version | Fixed in Version | ||||
| Merge Request Status | approved | ||||
| Review Assigned To | |||||
| OBNetwork customer | OBPS | ||||
| Support ticket | |||||
| Regression level | |||||
| Regression date | |||||
| Regression introduced in release | |||||
| Regression introduced by commit | |||||
| Triggers an Emergency Pack | No | ||||
| Summary | 0049251: Security issue in lib4j dependency in Ingenico Oman payment integration plugin | ||||
| Description | The hardware manager plugin for the Ingenico Oman payment plugin uses old library versions that have important security issues https://gitlab.com/openbravo/product/pmods/hwmanager-ingenicooman/-/tree/master/lib [^] * log4j-api * log4j-core * commons-lang * jscc All these versions must be upgraded to the latest available version. This upgrade must be done in coordination with the integration provider as they are libraries that depends on the integration provider library. It is not a direct Openbravo dependency. Also a new /legal folder must be included with all the licence details of the third party libraries. | ||||
| Steps To Reproduce | In description | ||||
| Proposed Solution | |||||
| Additional Information | |||||
| Tags | No tags attached. | ||||
| Relationships | |||||
| Attached Files | |||||
| Issue History | |||||
| Date Modified | Username | Field | Change | ||
| 2022-05-06 13:48 | adrianromero | New Issue | |||
| 2022-05-06 13:48 | adrianromero | Assigned To | => jonae | ||
| 2022-05-06 13:48 | adrianromero | OBNetwork customer | => OBPS | ||
| 2022-05-06 13:48 | adrianromero | Triggers an Emergency Pack | => No | ||
| 2022-05-06 14:01 | shuehner | Issue Monitored: shuehner | |||
| 2022-05-24 10:11 | hgbot | Merge Request Status | => open | ||
| 2022-05-24 10:11 | hgbot | Note Added: 0137670 | |||
| 2022-05-24 10:11 | hgbot | Note Added: 0137671 | |||
| 2022-05-24 22:40 | hgbot | Note Added: 0137690 | |||
| 2022-05-24 22:40 | hgbot | Note Added: 0137691 | |||
| 2022-05-24 22:44 | hgbot | Note Added: 0137692 | |||
| 2022-05-24 22:44 | hgbot | Note Added: 0137693 | |||
| 2022-05-24 22:47 | hgbot | Note Added: 0137694 | |||
| 2022-05-24 22:47 | hgbot | Note Added: 0137695 | |||
| 2022-05-25 09:48 | hgbot | Note Added: 0137711 | |||
| 2022-05-25 09:48 | hgbot | Note Added: 0137712 | |||
| 2022-05-25 10:20 | hgbot | Merge Request Status | open => approved | ||
| 2022-05-25 10:20 | hgbot | Resolution | open => fixed | ||
| 2022-05-25 10:20 | hgbot | Status | new => closed | ||
| 2022-05-25 10:20 | hgbot | Note Added: 0137715 | |||
| 2022-05-25 10:20 | hgbot | Note Added: 0137716 | |||
| 2022-05-25 10:20 | hgbot | Note Added: 0137717 | |||
| 2022-05-25 10:20 | hgbot | Note Added: 0137718 | |||
| Notes | |||||
|
|
|||||
|
|
||||
|
|
|||||
|
|
||||
|
|
|||||
|
|
||||
|
|
|||||
|
|
||||
|
|
|||||
|
|
||||
|
|
|||||
|
|
||||
|
|
|||||
|
|
||||
|
|
|||||
|
|
||||
|
|
|||||
|
|
||||
|
|
|||||
|
|
||||
|
|
|||||
|
|
||||
|
|
|||||
|
|
||||
|
|
|||||
|
|
||||
|
|
|||||
|
|
||||