·
11 commits
to QFJ_2_3_x
since this release
This is a bug fix release. It contains only few bug fixes and upgrades the MINA library to 2.2.4 since prior versions are vulnerable to RCE: https://www.cve.org/CVERecord?id=CVE-2024-52046 . However, QFJ is not directly affected by this since it does not use the affected ObjectSerializationCodecFactory.
https://github.com/quickfix-j/quickfixj/wiki/QuickFIX-J-2.3.2-release-notes