You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@myfaces.apache.org by "Hudson (JIRA)" <de...@myfaces.apache.org> on 2016/02/18 14:30:18 UTC

[jira] [Commented] (TOBAGO-1532) Adding CVE check of OWASP to the release process

    [ https://issues.apache.org/jira/browse/TOBAGO-1532?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15152300#comment-15152300 ] 

Hudson commented on TOBAGO-1532:
--------------------------------

SUCCESS: Integrated in Tobago 2.0.x #1428 (See [https://builds.apache.org/job/Tobago%202.0.x/1428/])
TOBAGO-1532: Adding CVE check of OWASP to the release process
* define a (hard) score (lofwyr: [http://svn.apache.org/viewvc/?view=rev&rev=1731057])
* tobago-trunk/pom.xml
TOBAGO-1532: Adding CVE check of OWASP to the release process (lofwyr: [http://svn.apache.org/viewvc/?view=rev&rev=1731054])
* tobago-trunk/pom.xml


> Adding CVE check of OWASP to the release process
> ------------------------------------------------
>
>                 Key: TOBAGO-1532
>                 URL: https://issues.apache.org/jira/browse/TOBAGO-1532
>             Project: MyFaces Tobago
>          Issue Type: Improvement
>          Components: Build
>            Reporter: Udo Schnurpfeil
>            Assignee: Udo Schnurpfeil
>            Priority: Minor
>
> There is a tool from OWASP to check for known security problems in dependent libraries.
> See https://www.owasp.org/index.php/OWASP_Dependency_Check



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)