[idempiere/idempiere] f8b830: IDEMPIERE-6809 Session Fixation Vulnerability in i...
1 view
Skip to first unread message
hengsin
Feb 2, 2026, 11:36:19 AM (8 days ago) Feb 2
to idempi...@googlegroups.com
Branch: refs/heads/release-12
Home: https://github.com/idempiere/idempiere
Commit: f8b830ebe583fedb56f1c63ac82541b771587a5a
https://github.com/idempiere/idempiere/commit/f8b830ebe583fedb56f1c63ac82541b771587a5a
Author: Carlos Ruiz <car...@gmail.com>
Date: 2026-02-02 (Mon, 02 Feb 2026)
Changed paths:
M org.adempiere.ui.zk/WEB-INF/src/fi/jawsy/jawwa/zk/atmosphere/ZkAtmosphereHandler.java
M org.adempiere.ui.zk/WEB-INF/src/org/adempiere/webui/AdempiereWebUI.java
Log Message:
-----------
IDEMPIERE-6809 Session Fixation Vulnerability in iDempiere WebUI (#3080)
- integrate patch from Heng Sin
Commit: 623f7217cc2c78a0ff0294afb80ac46595b37138
https://github.com/idempiere/idempiere/commit/623f7217cc2c78a0ff0294afb80ac46595b37138
Author: Carlos Ruiz <car...@gmail.com>
Date: 2026-02-02 (Mon, 02 Feb 2026)
Changed paths:
M org.adempiere.base/src/org/compiere/model/MSysConfig.java
M org.adempiere.ui.zk/WEB-INF/src/org/adempiere/webui/AdempiereWebUI.java
M org.adempiere.ui.zk/WEB-INF/src/org/adempiere/webui/panel/ValidateMFAPanel.java
M org.adempiere.ui.zk/WEB-INF/src/org/adempiere/webui/util/FeedbackManager.java
M org.idempiere.webservices/WEB-INF/src/org/idempiere/adinterface/CompiereService.java
M org.idempiere.webservices/WEB-INF/src/org/idempiere/webservices/AbstractService.java
Log Message:
-----------
IDEMPIERE-6809 Session Fixation Vulnerability in iDempiere WebUI (#3081)
- adding SysConfig ZK_SESSION_SAVE_JSESSIONID and ZK_SESSION_SAVE_USER_AGENT to avoid saving sensitive security information
Commit: da12c16f630515513a28c7db10902953b4112ca1
https://github.com/idempiere/idempiere/commit/da12c16f630515513a28c7db10902953b4112ca1
Author: hengsin <hen...@gmail.com>
Date: 2026-02-02 (Mon, 02 Feb 2026)
Changed paths:
M org.adempiere.ui.zk/WEB-INF/src/org/adempiere/webui/panel/action/ReportAction.java
Log Message:
-----------
IDEMPIERE-6738 Problem in Find Dialog (#3083)
- fix report action
Compare: https://github.com/idempiere/idempiere/compare/c03e7b11b61a...da12c16f6305
To unsubscribe from these emails, change your notification settings at https://github.com/idempiere/idempiere/settings/notifications
Home: https://github.com/idempiere/idempiere
Commit: f8b830ebe583fedb56f1c63ac82541b771587a5a
https://github.com/idempiere/idempiere/commit/f8b830ebe583fedb56f1c63ac82541b771587a5a
Author: Carlos Ruiz <car...@gmail.com>
Date: 2026-02-02 (Mon, 02 Feb 2026)
Changed paths:
M org.adempiere.ui.zk/WEB-INF/src/fi/jawsy/jawwa/zk/atmosphere/ZkAtmosphereHandler.java
M org.adempiere.ui.zk/WEB-INF/src/org/adempiere/webui/AdempiereWebUI.java
Log Message:
-----------
IDEMPIERE-6809 Session Fixation Vulnerability in iDempiere WebUI (#3080)
- integrate patch from Heng Sin
Commit: 623f7217cc2c78a0ff0294afb80ac46595b37138
https://github.com/idempiere/idempiere/commit/623f7217cc2c78a0ff0294afb80ac46595b37138
Author: Carlos Ruiz <car...@gmail.com>
Date: 2026-02-02 (Mon, 02 Feb 2026)
Changed paths:
M org.adempiere.base/src/org/compiere/model/MSysConfig.java
M org.adempiere.ui.zk/WEB-INF/src/org/adempiere/webui/AdempiereWebUI.java
M org.adempiere.ui.zk/WEB-INF/src/org/adempiere/webui/panel/ValidateMFAPanel.java
M org.adempiere.ui.zk/WEB-INF/src/org/adempiere/webui/util/FeedbackManager.java
M org.idempiere.webservices/WEB-INF/src/org/idempiere/adinterface/CompiereService.java
M org.idempiere.webservices/WEB-INF/src/org/idempiere/webservices/AbstractService.java
Log Message:
-----------
IDEMPIERE-6809 Session Fixation Vulnerability in iDempiere WebUI (#3081)
- adding SysConfig ZK_SESSION_SAVE_JSESSIONID and ZK_SESSION_SAVE_USER_AGENT to avoid saving sensitive security information
Commit: da12c16f630515513a28c7db10902953b4112ca1
https://github.com/idempiere/idempiere/commit/da12c16f630515513a28c7db10902953b4112ca1
Author: hengsin <hen...@gmail.com>
Date: 2026-02-02 (Mon, 02 Feb 2026)
Changed paths:
M org.adempiere.ui.zk/WEB-INF/src/org/adempiere/webui/panel/action/ReportAction.java
Log Message:
-----------
IDEMPIERE-6738 Problem in Find Dialog (#3083)
- fix report action
Compare: https://github.com/idempiere/idempiere/compare/c03e7b11b61a...da12c16f6305
To unsubscribe from these emails, change your notification settings at https://github.com/idempiere/idempiere/settings/notifications
Reply all
Reply to author
Forward
0 new messages