You are viewing a plain text version of this content. The canonical link for it is here.

Posted to infrastructure-issues@apache.org by "Jeff Turner (JIRA)" <ji...@apache.org> on 2010/11/01 16:13:25 UTC

[jira] Resolved: (INFRA-3096) Check possible spam file names with Atlassian

     [ https://issues.apache.org/jira/browse/INFRA-3096?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jeff Turner resolved INFRA-3096.
--------------------------------

    Resolution: Not A Problem

JIRA correctly handles the attachment extensions, so they shouldn't be able to do damage. Glenn Butcher from Atlassian contacted us after seeing similar attachments on jira.atlassian.com. It sounds like the attachments did not contain JIRA-specific attacks.

> Check possible spam file names with Atlassian
> ---------------------------------------------
>
>                 Key: INFRA-3096
>                 URL: https://issues.apache.org/jira/browse/INFRA-3096
>             Project: Infrastructure
>          Issue Type: Task
>      Security Level: public(Regular issues) 
>          Components: JIRA
>            Reporter: Felix Meschberger
>            Assignee: Jeff Turner
>
> Tonight the Apache Felix project received a number of files attached to FELIX-2654.
> I removed the attachements but on request I can provide the file names:
>    Blender Update.asp
>    Color Chooser.txt
>    Disk Clean Up.asp
>    Security.asp
>    J Progress Bar.js
>    DJ.asp
>    System Upgrade.asp
> The files we uploaded by  "Charles L Fields" (id fieldscharlesl@yahoo.com)
> As discussed on #infra

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.