You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cloudstack.apache.org by GitBox <gi...@apache.org> on 2021/01/24 01:49:42 UTC

[GitHub] [cloudstack] AthenaXiao commented on issue #4590: Customized HostnameVerifier bypasses the hostname verification

AthenaXiao commented on issue #4590:
URL: https://github.com/apache/cloudstack/issues/4590#issuecomment-766273894


   Thank you so much for replying. We are a security research team at Virginia Tech. We are doing an empirical study about the usefulness of the existing security vulnerability detection tools. The reported one is what we got from certain tools. 
   
   We'll so appreciate it if you can give us some information about the following questions. Your feedback is important for us to help improve the state-of-the-art.
   
   1. What kind of bug checker/vulnerability detection tools you are using? Do you think they are helpful? 
   2. What kind of supports or features do you think are necessary for a bug detector to help the practices? E.g. Demonstration of exploits or some customized fixing suggestions?
   3. Are there any types of bugs/security vulnerabilities you want the detection tools to pay more attention to?
   


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org