Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
Release Branch 18.12, Trunk
-
None
-
Testing if a "fresh" environment, just cloned from github:
git clone git@github.com:apache/ofbiz-framework.git
or
git clone -b release18.12 git@github.com:apache/ofbiz-framework.git
Then build and run:
./gradlew cleanAll loadAll ./gradlew ofbiz
Login and go to manufacturing tab -> MRP, click Run MRP. Then MRP Log, show processing then failed. Default environment, no changes.
Using:
$ java -version java version "1.8.0_201" Java(TM) SE Runtime Environment (build 1.8.0_201-b09) Java HotSpot(TM) 64-Bit Server VM (build 25.201-b09, mixed mode)
Testing if a "fresh" environment, just cloned from github: git clone git@github.com:apache/ofbiz-framework.git or git clone -b release18.12 git@github.com:apache/ofbiz-framework.git Then build and run: ./gradlew cleanAll loadAll ./gradlew ofbiz Login and go to manufacturing tab -> MRP, click Run MRP. Then MRP Log, show processing then failed. Default environment, no changes. Using: $ java -version java version "1.8.0_201" Java(TM) SE Runtime Environment (build 1.8.0_201-b09) Java HotSpot(TM) 64-Bit Server VM (build 25.201-b09, mixed mode)
Description
When trying to "Run MRP" it starts processing, then ends with error, so I can't run my MRP:
2019-03-27 11:32:30,871 |OFBiz-JobQueue-0 |SafeObjectInputStream |W| ************************Incompatible class: org.apache.ofbiz.widget.renderer.VisualTheme. Please see OFBIZ-10837. Report to dev ML if you use OFBiz without changes. Else add you class into UtilObject::getObjectException 2019-03-27 11:32:30,871 |OFBiz-JobQueue-0 |GenericServiceJob |E| Async-Service failed. java.lang.ClassCastException: Incompatible class: org.apache.ofbiz.widget.renderer.VisualTheme at org.apache.ofbiz.base.util.SafeObjectInputStream.resolveClass(SafeObjectInputStream.java:66) ~[ofbiz.jar:?] at java.io.ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:1868) ~[?:1.8.0_201] at java.io.ObjectInputStream.readClassDesc(ObjectInputStream.java:1751) ~[?:1.8.0_201] at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2042) ~[?:1.8.0_201] at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1573) ~[?:1.8.0_201] at java.io.ObjectInputStream.readObject(ObjectInputStream.java:431) ~[?:1.8.0_201] at org.apache.ofbiz.base.util.UtilObject.getObjectException(UtilObject.java:148) ~[ofbiz.jar:?] at org.apache.ofbiz.base.util.UtilObject.getObject(UtilObject.java:133) ~[ofbiz.jar:?] at org.apache.ofbiz.entity.serialize.XmlSerializer.deserializeCustom(XmlSerializer.java:475) ~[ofbiz.jar:?] at org.apache.ofbiz.entity.serialize.XmlSerializer.deserializeSingle(XmlSerializer.java:465) ~[ofbiz.jar:?] at org.apache.ofbiz.entity.serialize.XmlSerializer.deserializeSingle(XmlSerializer.java:453) ~[ofbiz.jar:?] at org.apache.ofbiz.entity.serialize.XmlSerializer.deserialize(XmlSerializer.java:128) ~[ofbiz.jar:?] at org.apache.ofbiz.entity.serialize.XmlSerializer.deserialize(XmlSerializer.java:102) ~[ofbiz.jar:?] at org.apache.ofbiz.service.job.PersistedServiceJob.getContext(PersistedServiceJob.java:293) [ofbiz.jar:?] at org.apache.ofbiz.service.job.GenericServiceJob.exec(GenericServiceJob.java:70) [ofbiz.jar:?] at org.apache.ofbiz.service.job.AbstractJob.run(AbstractJob.java:87) [ofbiz.jar:?] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_201] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_201] at java.lang.Thread.run(Thread.java:748) [?:1.8.0_201]
I see that was addressed in OFBIZ-9794, but I don't see how to fix it.
Please advise steps I should try to fix this.
Attachments
Attachments
Issue Links
- is broken by
-
OFBIZ-10837 Improve ObjectInputStream class (CVE-2019-0189)
-
- Closed
-